What Are the Differences Between VPC Endpoints and VPC Peering Connections?

Table 1 describes differences between VPC endpoints and VPC peering connections.

Note

VPC endpoints and VPC peering connections are two different resources. You can configure either of them based on your connectivity needs.

Table 1 Differences

Category

VPC Peering Connection

VPC Endpoint

Security

All resources in a VPC, such as ECSs and load balancers, can be accessed.

Allows access to a specific service or application. Only the ECSs and load balancers in the VPC for which VPC endpoint services are created can be accessed.

CIDR block overlap

Not supported

If two VPCs have overlapping subnets, the VPC peering connection will not work.

Supported

If you use a VPC endpoint to connect two VPCs, you do not have to worry about overlapping subnets.

Communications mode

VPCs connected through a peering connection can communicate with each other.

Requests can only be initiated from a VPC endpoint to a VPC endpoint service, but not the other way around.

Route configuration

If a peering connection is established between two VPCs, add routes to the VPCs so that they can communicate with each other.

For two VPCs that are connected through a VPC endpoint, the route has been configured, and you do not need to configure it again.

Access using VPN/Direct Connect

Supported

You can create a VPC Peering connection to connect your on-premises data center to a cloud service using a VPN connection or a direct connection.

Supported

You can create a VPC endpoint to connect your on-premises data center to a cloud service using a VPN connection or a direct connection over an internal network.