I have several Ubuntu machines inside VPCs. For many of them, the only network access they need whatsoever is for "apt-get update && apt-get upgrade
" and NTP. For NTP, I can simply have an NTP server with internet access inside of the VPC. But, for apt, will I have to create an apt mirror? VPC Endpoints seem to provide access to S3 from inside the VPC, and, apparently, there are S3 apt mirrors for Ubuntu. What is the correct way to use these S3 mirrors, or how do others manage apt updates inside of AWS VPC instances? It seems that creating a NAT instance would be overkill. I have added a VPC Endpoint but still cannot access us-east-1.ec2.archive.ubuntu.com
for example. Using us-east-1.ec2.archive.ubuntu.com.s3.amazonaws.com
, I get an HTTP connection but apt just shows failures of either 404 Page Not Found or 403 Forbidden.
The 403s are expected as directory indexing is not allowed in S3.
For the 404s you may be doing something wrong. For example, http://us-east-1.ec2.archive.ubuntu.com.s3.amazonaws.com/ubuntu/dists/lucid/Release works for me.