The Reportsengine EC2 instance will read data from S3.
Ensure that your session is connected to the ReportsEngine EC2 instance. You will execute step 2 from the ReportsEngine EC2 instance bash prompt. Execute the following command to connect to the ReportsEngine EC2 instance, as needed:**
ssh ec2-user@reportsengine -i vpce.pem
Execute the commands provided below AFTER (a) replacing
nslookup s3.amazonaws.com aws sts get-caller-identity aws s3 cp s3://<RestrictedS3Bucket>/test.txt . exit
The reports engine EC2 instance can read data from the restricted S3 bucket via the Gateway VPC Endpoint. The Gateway VPC Endpoint policy will ALLOW objects to be read from the restricted bucket (bucket with a bucket policy).
This behavior replicates the access behavior observed during verification of the Gateway Endpoint from the SalesApp EC2 instance.