To use AWS PrivateLink, create an interface VPC endpoint for a service outside of your VPC. This creates an elastic network interface in your subnet with a private IP address that serves as an entry point for traffic destined to the service. For more information, see VPC Endpoints.
You can create your own AWS PrivateLink-powered service (endpoint service) and enable other AWS customers to access your service. For more information, see VPC endpoint services (AWS PrivateLink).
Interface VPC endpoints support private connectivity over AWS Direct Connect, so that applications in your premises will be able to connect to these services via the Amazon private network.
AWS PrivateLink is integrated with AWS Marketplace through an easy lookup of the services that are available over AWS PrivateLink. To facilitate the identification of which services are attached to your endpoint, services that are available from AWS Marketplace are supported with vanity DNS names.
You can access AWS Marketplace through the AWS PrivateLink-dedicated page here.
Preventing your sensitive data, such as customer records, from traversing the internet helps you maintain compliance with regulations such as HIPAA, EU-US Privacy Shield, and payment card industry (PCI). This is especially critical to customers in the financial services, healthcare, and government sectors. With AWS PrivateLink, traffic between AWS resources, VPCs, and third-party services stays on the AWS network where there are robust controls in place to maintain security and compliance. Controls include compliance alignment with standard financial regulations such as the SEC Rule 17a-4(f) and the Japanese Financial Intelligence Centres (JAFIC).