Simplifying Secure Access to Amazon S3 Storage

AWS Direct Connect on Platform Equinix + AWS PrivateLink = end-to-end private connection to S3 storage

Gene McColm

Businesses continue to embrace hybrid multicloud as the digital infrastructure of choice. That means keeping some workloads on-premises for performance, compliance or security reasons, while migrating other workloads to the best cloud for the job. According to the 2020 State of the Cloud Report, 87% of enterprises have a hybrid cloud strategy and 93% have a multicloud strategy – using on average 2.2 public and 2.2 private clouds.[i]

But regardless of which approach an organization takes, criteria such as cost, performance, reliability and security always remain top of mind. That’s why we are thrilled to announce that businesses can now securely access Amazon Simple Storage Service (S3) through AWS Direct Connect on Platform Equinix® and AWS PrivateLink. The big news here is that businesses can now bypass the public internet and directly connect to Amazon S3 with end-to-end private, secure, low-latency connectivity.


Securing your digital advantage with Equinix and AWS

Equinix and AWS have a long-standing partnership helping organizations accelerate their digital transformation through hybrid multicloud infrastructure, including secure hybrid cloud environments on-premises using AWS Outposts, as well as cloud-optimized WAN architectures and VMware Cloud on AWS.

AWS Direct Connect on Platform Equinix enables businesses to orchestrate applications and data across multiple locations with AWS Dedicated Connections (up to 100 Gbps) or AWS Hosted Connections (up to 10 Gbps). By leveraging AWS Direct Connect with Equinix Fabric™, enterprises can privately connect to AWS Cloud from 45+ Equinix International Business Exchange™ (IBX®) data center metros across three regions. Equinix Fabric connects digital infrastructure and services on demand at software speed through secure, software-defined interconnection.


What’s new with AWS PrivateLink to S3 storage?

AWS PrivateLink allows businesses to privately access AWS services that are normally only available via the public internet. With AWS PrivateLink, companies can securely connect their virtual private clouds (VPCs) to AWS marketplace applications, AWS services and their own VPCs with minimal configuration. AWS PrivateLink is integrated with AWS Direct Connect and doesn’t require firewall rules, proxy devices or route tables, simplifying network management.

However, AWS PrivateLink was not previously available for connecting on-premises digital infrastructure to S3 storage. This meant that customers who needed a private route to S3 through AWS Direct Connect had to traverse the public internet or use an EC2 proxy to forward the traffic via the existing VPC. The diagram below shows an example of this. A customer has a private virtual interface (VIF) to the VPC environment via AWS Direct Connect and Equinix Fabric, but they also need a secure connection to S3 storage. To address this, they built a public VIF to S3 storage via a second AWS Direct Connect.

Now with AWS PrivateLink for S3, customers can provision new private interface endpoints for S3 and other AWS services in their VPC instead of connecting over the internet. The VPC interface endpoint enables private connectivity to services across the Amazon network through AWS PrivateLink. On-premises connectivity to the VPC is still federated via AWS Direct Connect. That means a customer can establish a single end-to-end private connection between their on-premises and S3 digital infrastructure via AWS Direct Connect and Equinix Fabric within minutes as shown below.

This extends the functionality of existing gateway endpoints by enabling them to access S3 using private IP addresses. Any API requests and HTTPS requests to S3 from their on-premises applications are automatically directed through interface endpoints, which connect to S3 securely and directly through PrivateLink.
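A private path only protects the data if the bucket refuses requests that arrive any other way. The following added example (not part of the original post, and not AWS or Equinix code) audits a bucket policy for a deny-unless-via-endpoint statement built on the `aws:SourceVpce` condition key. The bucket name, endpoint IDs and sample policies are constructed placeholders.

```python
import json

def _as_list(value):
    """IAM policy fields may hold a single value or a list."""
    return value if isinstance(value, list) else [value]

def endpoint_only_findings(policy_json, bucket, allowed_vpce_ids):
    """Return a list of problems. An empty list means the policy denies every
    S3 action on the bucket and its objects unless the request arrived
    through one of the allowed interface endpoints."""
    policy = json.loads(policy_json)
    needed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    covered, findings = set(), []
    for stmt in _as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Deny":
            continue
        cond = stmt.get("Condition", {}).get("StringNotEquals", {})
        # Condition key names are case-insensitive.
        vpces = next((v for k, v in cond.items() if k.lower() == "aws:sourcevpce"), None)
        if vpces is None:
            continue
        extra = set(_as_list(vpces)) - set(allowed_vpce_ids)
        if extra:
            findings.append(f"unexpected endpoint(s) exempted: {sorted(extra)}")
        if stmt.get("Principal") not in ("*", {"AWS": "*"}):
            findings.append("deny does not apply to every principal")
        if not {"s3:*", "*"} & set(_as_list(stmt.get("Action", []))):
            findings.append("deny does not cover every S3 action")
        covered |= needed & set(_as_list(stmt.get("Resource", [])))
    for arn in sorted(needed - covered):
        findings.append(f"no endpoint-only deny covers {arn}")
    return findings

# Constructed sample policies; IDs and names are placeholders.
def _policy(resources, vpces):
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyUnlessViaEndpoint", "Effect": "Deny",
        "Principal": "*", "Action": "s3:*", "Resource": resources,
        "Condition": {"StringNotEquals": {"aws:SourceVpce": vpces}}}]})

BUCKET = "example-bucket"
HARDENED = _policy([f"arn:aws:s3:::{BUCKET}", f"arn:aws:s3:::{BUCKET}/*"], "vpce-0example")
WEAK = _policy([f"arn:aws:s3:::{BUCKET}/*"], ["vpce-0example", "vpce-0other"])

if __name__ == "__main__":
    print(endpoint_only_findings(HARDENED, BUCKET, ["vpce-0example"]))
    print(endpoint_only_findings(WEAK, BUCKET, ["vpce-0example"]))
```

The weak policy is flagged twice: it exempts an endpoint that is not on the allow list, and it leaves bucket-level actions such as listing reachable from outside the private path.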

Data and storage go hand in hand

As the digital economy races full speed ahead, data will continue to explode. In Data Age 2025, IDC predicted that the global datasphere will grow from 45 zettabytes in 2019 to 175 by 2025, and nearly 30% of the world’s data will need real-time processing.[ii] Cloud is essential for adapting to this rapid growth, whether that means supporting real-time interactions at the edge, delivering personalized experiences or processing large volumes of data for deeper insights. AWS Direct Connect and AWS PrivateLink to S3 storage, combined with Equinix Fabric on Platform Equinix, enable businesses to bypass the public internet and directly connect their on-premises infrastructure with their cloud storage. This empowers businesses to harness their data stored in the cloud with reduced cost, improved performance and increased security.

Learn more about Equinix Fabric and discover how Equinix and AWS are helping enterprises deploy high-performance, agile hybrid multicloud infrastructures.


[i] Flexera, Cloud Computing Trends: 2020 State of the Cloud Report, May 2020.

[ii] IDC, Data Age 2025: The Digitization of the World – From Edge to Core, Doc# US44413318, sponsored by Seagate, landing page and white paper, Nov 2018.

Gene McColm, Principal Solutions Architect, AWS Strategic Alliance