We're trying to access AWS Services from a private subnet in a VPC using a VPC endpoint or Private Link. We're trying to avoid adding a NAT gateway on the private subnet.
We created/added a VPC Endpoints (i.e. AWS Service for EC2 and S3)
com.amazonaws.us-east-2.ec2
com.amazonaws.us-east-2.s3
But we're not able to access something like com.amazonaws.us-east-2.iam; is there an iam endpoint or is this supported or is there any workaround
for us to use iam via VPC Endpoint on us-east-2?
Here's the error we're getting when we use the latest version of Java AWS SDK to get ec2 instance attached iam role programatically
org.apache.http.conn.ConnectTimeoutException: Connect to iam.amazonaws.com:443 [iam.amazonaws.com/
Thanks for any information you can provide.
As of May 2022, VPC endpoint for IAM is not supported. You'd have to connect to IAM via internet. Or as a workaround, you can do IAM actions in CloudFormation.