Create a gateway endpoint
            
          
        
	
- Open the Amazon VPC console
- In the navigation pane, choose Endpoints, then click Create Endpoint:
  You will see 6 existing VPC endpoints that support AWS Systems Manager (SSM). These endpoints were deployed automatically by the CloudFormation Templates for this workshop.
 

- In the Create endpoint console:
- Specify name of the endpoint: s3-gwe
- In service category, choose AWS services

- In Services, type s3in the search box and choose the service with type gateway

- For VPC, select VPC Cloud from the drop-down.
- For Configure route tables, select the route table that is already associated with two subnets (note: this is not the main route table for the VPC, but a second route table created by CloudFormation).

- For Policy, leave the default option, Full Access, to allow full access to the service. You will deploy a VPC endpoint policy in a later lab module to demonstrate restricting access to S3 buckets based on policies.

- Do not add a tag to the VPC endpoint at this time.
- Click Create endpoint, then click x after receiving a successful creation message.
