# PrivateLink

**Introduction**

* Exposing service endpoints in a **private** VPC. (A more secured VPC Peering)
* Most secure & scalable way to expose a service to 1000s of VPC (owned by you or other accounts)
* Doesn't require VPC Peering, IGW, NAT, Route Tables.
* Good for only want to expose part of the service but not entire VPC to other VPC.

**Usage**

* Setup a **NLB** in provider VPC, an ENI in consumer VPC
* For fault tolerance, can set NLB in multi-AZ, and ENI in multi-AZ.

![PrivateLink](https://3303577320-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-M4cDbT2F2VmcAohuhSN%2F-MF0gzTefqPAX06uAY8r%2F-MF0j0LP5SXDJ0jCt9Ld%2FScreen%20Shot%202020-08-18%20at%209.20.37%20PM.png?alt=media\&token=4b99f828-e797-4414-bd69-6b3d81a4dd91)