AWS PrivateLink features

Features

To use AWS PrivateLink, create a VPC endpoint for a service or a resource that is outside of your VPC. This creates an elastic network interface in your subnet with a private IP address that serves as an entry point for traffic destined to the service or resource. For more information, see VPC Endpoints.

You can create your own AWS PrivateLink-powered service (endpoint service) and enable other AWS customers to access your service. For more information, see VPC endpoint services (AWS PrivateLink).

VPC endpoints support private connectivity over AWS Direct Connect, so applications in your on-premises environment can connect to services and resources through the Amazon private network.

AWS PrivateLink is integrated with AWS Marketplace through an easy lookup of the services that are available over AWS PrivateLink. To facilitate the identification of which services are attached to your endpoint, services that are available from AWS Marketplace are supported with vanity DNS names.

You can access AWS Marketplace through the AWS PrivateLink-dedicated page.

Preventing your sensitive data, such as customer records, from traversing the internet helps you maintain compliance with regulations such as HIPAA, EU-US Privacy Shield, and payment card industry (PCI). This is especially critical to customers in the financial services, healthcare, and government sectors. With AWS PrivateLink, traffic between AWS resources, VPCs, and third-party services stays on the AWS network, where there are robust controls in place to maintain security and compliance. Controls include compliance alignment with standard financial regulations such as SEC Rule 17a-4(f) and the Japanese Financial Intelligence Centres (JAFIC).