
Enhancing VPC Security with Amazon VPC Block Public Access

Networking & Content Delivery Blog



AWS has introduced Amazon VPC Block Public Access, a new feature designed to enhance VPC security by providing more granular control over internet access in AWS networks.

  • Allows centralized blocking of incoming and outgoing VPC internet traffic through AWS-provided paths
  • Provides three main modes of access control:
    • Bidirectional block (all internet traffic blocked)
    • Ingress-only block (inbound traffic blocked)
    • Granular exclusions for specific VPCs or subnets
  • Can be configured per region on an AWS account
  • Supports both IPv4 and IPv6 traffic management
  • Ensures only NAT Gateways and Egress-Only Internet Gateways can provide internet access when certain modes are enabled
  • Stateful when used in ingress-only mode, automatically permitting return traffic for allowed connections

The feature helps organizations improve their cloud security posture by providing a simple, declarative method to control internet access across their VPC infrastructure.
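An added example (not from the AWS article): a small audit over per-Region Block Public Access settings and exclusions, flagging Regions where the block is off and resources that are exempted from it. The sample data is constructed, with dictionary keys following the EC2 `DescribeVpcBlockPublicAccessOptions` and `DescribeVpcBlockPublicAccessExclusions` response fields; the `audit` function and its severity labels are assumptions for illustration.

```python
# Constructed sample data; account ID, exclusion IDs and ARNs are placeholders.
SAMPLE = {
    "eu-west-1": {
        "options": {"InternetGatewayBlockMode": "block-bidirectional",
                    "State": "update-complete"},
        "exclusions": [
            {"ExclusionId": "vpcbpa-exclude-EXAMPLE1",
             "InternetGatewayExclusionMode": "allow-bidirectional",
             "ResourceArn": "arn:aws:ec2:eu-west-1:111122223333:subnet/subnet-EXAMPLE1",
             "State": "create-complete"},
            {"ExclusionId": "vpcbpa-exclude-EXAMPLE2",
             "InternetGatewayExclusionMode": "allow-egress",
             "ResourceArn": "arn:aws:ec2:eu-west-1:111122223333:vpc/vpc-EXAMPLE2",
             "State": "delete-complete"},
        ],
    },
    "us-east-1": {"options": {"InternetGatewayBlockMode": "off",
                              "State": "default-state"}},
    "ap-southeast-2": {"options": {"InternetGatewayBlockMode": "block-ingress",
                                   "State": "update-in-progress"}},
}

# Exclusions in these states no longer exempt anything.
INACTIVE = {"delete-complete", "create-failed"}


def audit(regions):
    """Return (region, severity, message) findings, ordered by Region name."""
    findings = []
    for region, data in sorted(regions.items()):
        opts = data["options"]
        mode = opts.get("InternetGatewayBlockMode", "off")
        if mode == "off":
            findings.append((region, "HIGH", "block public access is off"))
        elif opts.get("State") == "update-in-progress":
            findings.append((region, "MEDIUM", f"{mode} is still being applied"))
        for exc in data.get("exclusions", []):
            if exc["State"] in INACTIVE:
                continue
            excl_mode = exc["InternetGatewayExclusionMode"]
            # A bidirectional exclusion reopens inbound access, so rank it higher.
            sev = "MEDIUM" if excl_mode == "allow-bidirectional" else "LOW"
            findings.append((region, sev,
                             f'{exc["ExclusionId"]} exempts {exc["ResourceArn"]} ({excl_mode})'))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep="  ")
```

Because the setting is per Region, the same check has to run against every enabled Region of every account, not only the ones where workloads are expected.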



