EC2 vs S3 data transfer charges
Question
I am trying to understand the cost implications between S3 and EC2. I found this nice article, but it triggered the following confusion for me.
- Everywhere the article says that S3 and EC2 data transfer is free if it is in the same region. But in the above article, I found the following statement (section: Accessing services within the same AWS Region):
> If the internet gateway is used to access the public endpoint of the
> AWS services in the same Region (Figure 1 – Pattern 1), there are no
> data transfer charges. If a NAT gateway is used to access the same
> services (Figure 1 – Pattern 2), there is a data processing charge
> (per gigabyte (GB)) for data that passes through the gateway.
AFAIK, a NAT gateway comes into the picture when EC2 wants to communicate with something outside. So, does this mean any S3 data transfer (ingress/egress) between a private subnet EC2 instance and S3 is not free (as I have configured NAT)? Similarly, is it only S3 data transfer (ingress/egress) between the public subnet instances and S3 that is free?
- I am not able to understand the statement "public endpoint of the AWS services". How can I create a public endpoint for S3 or Kinesis? The image points out that it is possible to interact with S3/Kinesis/DynamoDB/ECR/SNS using a public endpoint, but I am not sure how to create a public endpoint for those. Is there any simple example that shows public endpoint access?
Answer 1
Score: 2
The term Data Transfer specifically refers to traffic going from AWS to the Internet. Therefore, any traffic between any AWS services in the same Region does not attract Data Transfer costs.
However, there might be some charges for VPCs and NAT Gateways. These are not called "Data Transfer", but are instead specifically related to the service being used. See: Amazon VPC Pricing - Amazon Web Services
The endpoints of AWS services reside on the Internet. These are the locations where requests are sent, such as requests to launch an Amazon EC2 instance or to upload data to an Amazon S3 bucket.
If you have resources in a private subnet that wish to communicate with AWS services (such as Amazon S3), you can add a VPC Endpoint to your VPC. You will sometimes see these Endpoints referred to as connecting through AWS PrivateLink. For example, a VPC Endpoint for S3 acts as a 'shortcut' between the VPC and the S3 endpoints. There is no charge for traffic sent over a VPC Endpoint. This reduces the amount of traffic going via the NAT Gateway, and possibly even totally eliminates the need for a NAT Gateway.
See: Access AWS services through AWS PrivateLink - Amazon Virtual Private Cloud
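As an added illustration (not part of the answer above), this Python example classifies, per route table, whether S3-bound traffic would leave through a NAT gateway, an internet gateway, or an S3 gateway VPC endpoint. The input is constructed sample data shaped like boto3's `describe_route_tables` and `describe_vpc_endpoints` responses; all IDs and both function names are made up for the example, and only gateway-type endpoints are considered.

```python
# Constructed sample data shaped like boto3 ec2.describe_route_tables() and
# ec2.describe_vpc_endpoints() responses; every ID below is made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-private-a", "VpcId": "vpc-1111",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa"}]},
    {"RouteTableId": "rtb-private-b", "VpcId": "vpc-1111",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-0aaa"},
                {"DestinationPrefixListId": "pl-s3example", "GatewayId": "vpce-0bbb"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-1111",
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0ccc"}]},
]
VPC_ENDPOINTS = [
    {"VpcEndpointId": "vpce-0bbb", "VpcEndpointType": "Gateway", "State": "available",
     "ServiceName": "com.amazonaws.us-east-1.s3", "VpcId": "vpc-1111",
     "RouteTableIds": ["rtb-private-b"]},
]

def s3_gateway_route_tables(endpoints):
    """Route table IDs that have an available S3 gateway endpoint attached."""
    covered = set()
    for ep in endpoints:
        if (ep.get("VpcEndpointType") == "Gateway"
                and ep.get("State") == "available"
                and ep.get("ServiceName", "").endswith(".s3")):
            covered.update(ep.get("RouteTableIds", []))
    return covered

def classify_s3_path(route_tables, endpoints):
    """Map each route table ID to the path its same-Region S3 traffic takes."""
    covered = s3_gateway_route_tables(endpoints)
    result = {}
    for rt in route_tables:
        default = next((r for r in rt["Routes"]
                        if r.get("DestinationCidrBlock") == "0.0.0.0/0"), {})
        if rt["RouteTableId"] in covered:
            # The endpoint's prefix-list route is more specific than 0.0.0.0/0.
            result[rt["RouteTableId"]] = "vpc-endpoint"
        elif default.get("NatGatewayId"):
            result[rt["RouteTableId"]] = "nat-gateway"  # per-GB processing charge
        elif default.get("GatewayId", "").startswith("igw-"):
            result[rt["RouteTableId"]] = "internet-gateway"
        else:
            result[rt["RouteTableId"]] = "no-route"
    return result

print(classify_s3_path(ROUTE_TABLES, VPC_ENDPOINTS))
```

Route tables reported as `nat-gateway` are the ones where associating an S3 gateway endpoint would take S3 traffic off the NAT gateway.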