SYSTEM Cited by 1 source

AWS PrivateLink

What it is

AWS PrivateLink exposes AWS services and customer-operated services as interface VPC endpoints that can be consumed from a consumer VPC over the AWS private network — no internet egress, no NAT, no VPN required.

Role in sovereign-failover topology

Named as "the secure cross-partition communication" primitive in the prescribed topology:

"Networking requires isolated Transit Gateways, separate Amazon Route 53 DNS zones, and secure cross-partition communication using AWS PrivateLink." (Source: sources/2026-01-30-aws-sovereign-failover-design-digital-sovereignty)

PrivateLink is the "how do two partitions' VPCs talk to each other's service surfaces over a controlled, policy-enforceable, non-public path" answer, composed with the three cross-partition connectivity options (typically IPsec VPN or Direct Connect under the hood) plus cross-partition auth and cross-signed PKI for the application layer.

Stub page

Seen in

• sources/2026-01-30-aws-sovereign-failover-design-digital-sovereignty — named as the secure cross-partition communication primitive in the sovereign-failover prescribed topology.

Related

• systems/aws-transit-gateway
• concepts/aws-partition
• patterns/cross-partition-failover