Access AppStream 2.0 API Operations and CLI Commands Through an Interface VPC Endpoint
If you use Amazon Virtual Private Cloud to host your AWS resources, you can connect directly to AppStream 2.0 API operations or command line interface (CLI) commands through an interface VPC endpoint (interface endpoint) in your virtual private cloud (VPC) instead of connecting over the internet. Interface endpoints are powered by AWS PrivateLink, a technology that lets you keep streaming traffic within a VPC that you specify by using private IP addresses. When you use an interface endpoint, communication between your VPC and AppStream 2.0 is conducted entirely and securely within the AWS network.
Note
This topic describes how to access the AppStream 2.0 API operations and CLI commands through an interface endpoint. For information about how to create and stream from AppStream 2.0 interface endpoints, see Tutorial: Creating and Streaming from Interface VPC Endpoints.
Prerequisites
To use interface endpoints, you must meet the following prerequisites:
The security groups that are associated with the interface endpoint must allow inbound access to port 443 (TCP) from the IP address range from which your users connect.
The network access control list for the subnets must allow outbound traffic from ephemeral network ports 1024-65535 (TCP) to the IP address range from which your users connect.