Tuesday 2 November 2021

AWS: How to connect to an S3 bucket from an EC2 instance in a private VPC without internet access?

Problem:

How do you upload files to an S3 bucket from a Windows Server (an EC2 instance) that sits in a private VPC with no general internet access?


Solution:

First of all, as you already know, an upload can only work if there is network connectivity between the server and the S3 bucket.

There are different approaches depending on your setup and configuration; a few options are explained below:

1. If the EC2 instance and the S3 bucket are in the same AWS region, use a VPC endpoint: create a VPC endpoint for S3 and associate it with the route table of the EC2 instance's subnet. This routes traffic to the S3 service in that region even if the subnet has no NAT gateway or internet gateway attached.

For more about S3 VPC endpoints:
    S3 VPC endpoint in detail:
        [+] https://docs.aws.amazon.com/vpc/latest/userguide/vpc-endpoints-s3.html
    create a VPC Endpoint:
        [+] https://aws.amazon.com/blogs/aws/new-vpc-endpoint-for-amazon-s3/
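As an added example (not code from the original post), the following boto3 script sets up option 1: a gateway VPC endpoint for S3 that carries a least-privilege endpoint policy limited to one backup bucket, plus a bucket policy that rejects any request not arriving through that endpoint. The bucket-policy half goes beyond the post, and the VPC, route table, bucket and region values are placeholders.

```python
"""Same-region S3 access from a private subnet via a gateway VPC endpoint.
Added example: the IDs and bucket name are placeholders, not real values."""
import json


def s3_endpoint_policy(bucket):
    """Endpoint policy: hosts behind the endpoint may only put/get/list
    the one backup bucket; every other bucket is unreachable through it."""
    arn = f"arn:aws:s3:::{bucket}"
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "BackupBucketOnly", "Effect": "Allow", "Principal": "*",
        "Action": ["s3:PutObject", "s3:GetObject", "s3:ListBucket"],
        "Resource": [arn, f"{arn}/*"]}]}


def bucket_policy_vpce_only(bucket, vpce_id):
    """Bucket policy: deny any request that did not arrive through the
    endpoint, so leaked keys are useless from outside the VPC."""
    arn = f"arn:aws:s3:::{bucket}"
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyUnlessViaVpce", "Effect": "Deny", "Principal": "*",
        "Action": "s3:*", "Resource": [arn, f"{arn}/*"],
        "Condition": {"StringNotEquals": {"aws:SourceVpce": vpce_id}}}]}


def create_s3_gateway_endpoint(ec2, vpc_id, region, route_table_ids, bucket):
    """ec2 is a boto3 EC2 client (anything exposing create_vpc_endpoint).
    RouteTableIds installs the S3 prefix-list route in the private subnet's
    table, which is what removes the need for a NAT or internet gateway."""
    resp = ec2.create_vpc_endpoint(
        VpcEndpointType="Gateway", VpcId=vpc_id,
        ServiceName=f"com.amazonaws.{region}.s3",
        RouteTableIds=route_table_ids,
        PolicyDocument=json.dumps(s3_endpoint_policy(bucket)))
    return resp["VpcEndpoint"]["VpcEndpointId"]


if __name__ == "__main__":
    import boto3  # only needed for a live run; replace the placeholders first
    ec2 = boto3.client("ec2", region_name="us-east-1")
    vpce = create_s3_gateway_endpoint(ec2, "vpc-PLACEHOLDER", "us-east-1",
                                      ["rtb-PLACEHOLDER"], "backup-bucket-PLACEHOLDER")
    print(vpce)
    # Apply this document with s3.put_bucket_policy on the backup bucket.
    print(json.dumps(bucket_policy_vpce_only("backup-bucket-PLACEHOLDER", vpce), indent=2))
```

With both policies in place, the Windows server can reach only the backup bucket, and the bucket accepts traffic only from inside the VPC.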

2. If the EC2 instance and the S3 bucket are in different AWS regions, use a NAT gateway or an internet gateway: one of the two is required to allow traffic from your instance to the S3 service in the other region.
If you don't want to leave internet access open on the server, you can deny traffic between your EC2 instance and the S3 service again once the backup file has been copied to the S3 bucket.

For more about NAT and internet gateways:
    NAT gateways :
     [+] https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html
    Internet gateways :
     [+] https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html