5.5.4 Creating an Endpoint

Use the AWS Management Console to create an endpoint in the same region and availability zone as the DB System.

This task requires the following:

• Access to AWS Management Console.
• The service name of the PrivateLink. See Viewing PrivateLink Details.
• Properly configured policies to create an endpoint. See Configuring IAM Policies for Endpoints.
• A running virtual private cloud with subnets in the same availability zone as the DB System. See Creating a VPC, and Viewing DB System Details.

Do the following to create an endpoint:

1. Open the AWS Management Console and sign in with your credentials.
2. Switch to the same region as the DB System.
3. In the AWS Management Console home page, click Services, click Networking & Content Delivery, and then click VPC.
4. In the navigation pane of the Console, under Virtual private cloud, click Endpoints, and then click Create endpoint.
5. Enter the following:
   1. Endpoint settings:
      1. Name tag: (Optional) Specify a name for the endpoint.
      2. Service category: Select Other endpoint services.
   2. Service settings:
      1. Service name: Specify the service name of the PrivateLink. See Viewing PrivateLink Details. Ensure that you create the endpoint in the same region as the PrivateLink.
      2. Click Verify service.

         If the permissions are configured correctly in the PrivateLink, the service name is verified correctly. If service verification is unsuccessful, ensure that the authorized principals field in the PrivateLink is correct, and that your IAM permissions are configured accordingly. See Updating Authorized Principals.

   3. VPC:
      1. VPC: Select the VPC in which to create the endpoint.
      2. Click Additional settings.
      3. Enable DNS name: It is recommended to check this box. Checking this box configures the VPC to resolve the hostname of the PrivateLink to the private IP address of the endpoint. If you leave this box unchecked, you cannot connect to the PrivateLink using its hostname automatically, and you need to configure the DNS of the VPC manually.
   4. Subnet: Select the subnet in which you wish to create the endpoint.
   5. Security groups: Select the appropriate security groups to associate with the endpoint. The security groups must allow inbound traffic from your applications.
6. Click Create endpoint.