This topic introduces endpoint services and describes how to create an endpoint service.

Note PrivateLink is available for use in only specific regions. For more information, see Regions and zones that support PrivateLink.

Overview

You can use an endpoint in a virtual private cloud (VPC) to connect to an endpoint service that is deployed in another VPC through PrivateLink. Endpoint services are created and managed by service providers.Endpoint services

Procedure

The following flowchart shows how to create an endpoint service.

  1. Create an internal Server Load Balancer (SLB) instance that supports the PrivateLink service
    Only internal SLB instances that support the PrivateLink service can serve as service resources for endpoint services. You must specify SLB instances as service resources when you create an endpoint service. Before you create an endpoint service, you must create an internal SLB instance that supports the PrivateLink service. For more information, see Create a CLB instance that supports PrivateLink.
  2. Configure the SLB instance
    After the SLB instance is created, you must add at least one listener and one group of backend servers to the SLB instance. This way, traffic can be forwarded by the SLB instance. For more information, see Configure an SLB instance.
  3. Create an endpoint service
    You can use an endpoint in a VPC to connect to an endpoint service that is deployed in another VPC through PrivateLink. You must specify SLB instances when you create an endpoint service. For more information, see Create an endpoint service.
  4. Add account IDs to the whitelist
    After you create an endpoint service, the account ID of the service owner is automatically added to the whitelist. The endpoint service is visible to users whose account IDs are in the whitelist. These users can use the endpoints to connect to the endpoint service. To allow VPCs under other accounts to access endpoint services deployed in your VPC, you must add their account IDs to the whitelist. For more information, see Add account IDs to the whitelist.
  5. Optional. Add service resources to an endpoint service.
    You can add multiple service resources to an endpoint service. After you create an endpoint in a VPC, you can use the endpoint to access the endpoint services that are deployed in another VPC through PrivateLink. For more information, see Add service resources.