VPC Endpoint Service Overview

A VPC endpoint service is a cloud service or a private service that can be accessed through a VPC endpoint.

There are two types of VPC endpoint services: gateway and interface.

Gateway VPC endpoint services are configured by the system only for cloud services.
Interface VPC endpoint services can be configured for cloud services or private services. Cloud services are configured as interface VPC endpoint services by the O&M personnel by default. However, private services must be configured as interface VPC endpoint services by users.

Supported cloud services vary by region. For details, see the services that can be configured on the management console.

To access OBS as a gateway VPC endpoint service, you need to search for it by name. To obtain its name, submit a service ticket or contact the OBS O&M engineers.

This section describes how to configure your private service as an interface VPC endpoint service and how to manage it.

**Table 1** Management of VPC endpoint services
Operation	Description	Constraints
Creating a VPC Endpoint Service	Describes how to configure a private service as a VPC endpoint service.	VPC endpoint services are region-level resources. Select a region and project when you create such a service. Each tenant can create a maximum of 20 VPC endpoint services. The following private services can be configured as VPC endpoint services: Elastic load balancer: works well for services that need to handle heavy traffic and require strong reliability and effective disaster recovery. ECS: serves as a server. BMS: serves as a server. A VPC endpoint service can have only one backend resource. If a Layer 7 load balancer is configured as a backend resource, Proxy Protocol must be disabled.
Managing VPC Endpoint Services	Describes how to check and delete a VPC endpoint service.	Deleted VPC endpoint services cannot be recovered. Only private services configured as VPC endpoint services can be deleted. VPC endpoint services in the Accepted or Creating state cannot be deleted.
Accepting or Rejecting the Access from a VPC Endpoint	Describes how to set connection approval of a VPC endpoint service to determine whether to allow a VPC endpoint to connect to the VPC endpoint service.	You can specify whether to allow a VPC endpoint to connect to a VPC endpoint service only when connection approval is enabled.
Configuring the Whitelist of a VPC Endpoint Service	Describes how to manage whitelist records of a VPC endpoint service to control cross-account access between a VPC endpoint and a VPC endpoint service.	The VPC endpoint and VPC endpoint service must be deployed in the same region. Before you configure the whitelist for a VPC endpoint service, obtain the account ID of the associated VPC endpoint.
Viewing Port Mappings of a VPC Endpoint Service	Describes how to view the port mapping between a VPC endpoint and a VPC endpoint service, including the supported protocol, service port, and terminal port.	A port mapping needs to be configured when you create a VPC endpoint service. After a VPC endpoint service is created, you can view its port mappings but cannot modify them.
Managing Tags of a VPC Endpoint Service	Describes how to query, add, edit, and delete tags of a VPC endpoint service.	You can add up to 20 tags to each VPC endpoint service.