You can access an S3 bucket in your connected AWS account by creating an S3 endpoint.


  1. Create an S3 endpoint.
    1. Log in to your AWS account.
    2. Click VPC and then click Endpoints.
    3. Click Create Endpoint.
    4. In the VPC drop down, select the VPC that is connected to your VMware Cloud on AWS account.
    5. In the Service drop down, select the S3 service.
    6. Click Next Step.
    7. Select the route table for the subnet you selected when you deployed your SDDC.
    8. Click Create Endpoint.
  2. Configure the security group for your connected Amazon VPC to allow traffic to the logical network associated with the VM in your SDDC.
    1. Select VPC.
    2. Click Security Groups
    3. Click your connected Amazon VPC's security group and click the Inbound tab.
    4. Click Edit.
    5. Click Add Rule.
    6. In the Type dropdown menu, select HTTPS.
    7. In the Source text box, enter the CIDR block for the logical network that the VMs in your SDDC are attached to.
    8. Repeat steps Step e through Step g for each logical network that you want to be able to connect to.
    9. Click Save.
  3. Ensure that access to S3 through the elastic network interface is enabled.
    By default, S3 access through the elastic network interface in the connected Amazon VPC is enabled. If you disabled this access to allow S3 access through the internet gateway, you must re-enable it.
    1. Log in to the VMC Console at
    2. View Details
    3. Networking & Security
    4. Click Connected Amazon VPCs, and then click Enable next to S3 Endpoint.
  4. From the VMC Console, create a compute gateway firewall rule to allow https access to the connected Amazon VPC.
    1. Under Compute Gateway, click Firewall Rules.
    2. Add a compute gateway firewall rule with the following parameters.
      Option Description
      Source The CIDR block for the logical network that the VM in your SDDC is connected to.
      Destination Select All Linked AWS VPC.
      Service Select HTTPS.


VMs in your SDDC can now access files on the S3 bucket using their https paths.