Create Endpoint
VNG Cloud Endpoint is the private connection point between VPC and VNG Cloud services
Important
Within the same region, users can create multiple Endpoints within a single VPC.
If the option “Enable Private DNS” is selected during Endpoint creation, manual host file configuration is not required — DNS resolution is handled automatically.
If Private DNS is not enabled, users must manually add host entries on each server in order to access the Endpoint Service.
Endpoint Creation Process
Log in to the VNG Cloud console at: https://hcm-3-vnetwork.console.vngcloud.vn/endpoint/list
Ensure that the selected region is HCM.
From the left-hand navigation panel, click on the “Endpoint” menu.
Click “Create an Endpoint” to begin the setup process.
Enter the required information for the Endpoint:
Endpoint Name: Provide a name for the new Endpoint.
Select Region/Zone: Choose the appropriate region and availability zone (e.g., HCM-1A, HCM-1B, etc.).
Select Service: Choose a VNG Cloud service to connect to from the supported list: vServer, vStorage, vMonitor, vCR, IAM.
Service Package: The Endpoint is provisioned with the default Standard package.
No manual selection is required.
Select the VPC and Subnet to connect to the VNG Cloud service via the service Endpoint.
Private DNS Configuration:
If the selected VPC supports DNS, the “Enable Private DNS” option will be available.
When enabled, domain names will automatically resolve to internal IPs — no manual host entries are required.
If the VPC does not support DNS, the option will be disabled by default.
In this case, users must manually configure host entries to access the service.
Review service pricing and configuration details in the “Summary” section.
Click “CREATE ENDPOINT” to proceed.
The system will begin provisioning the Endpoint.
Once creation is complete, the new Endpoint will appear in the Endpoint list view.
How to Use the Endpoint
For Endpoints Created in VPCs Without DNS Support
When the VPC does not support DNS, the "Enable Private DNS" option will be unavailable during Endpoint creation. As a result, DNS name resolution will not be applied automatically, and users will not be able to access the Endpoint Service directly after creation.
Manual Configuration Steps:
To configure private access from your server to the Endpoint Service, follow these steps:
Open the Endpoint Management Page
Navigate to the list of created Endpoints.
Select the Endpoint you wish to configure.
Identify Key Information On the Endpoint detail page, the system will display two important items:
Endpoint URL: The public domain name for accessing the service via the Endpoint.
Endpoint IP: The internal IP address assigned to the Endpoint.
Configure the Host File on Your Server On each server that needs to access the service, add a host entry:
For Linux/macOS:
/etc/hosts
For Windows:
C:\Windows\System32\drivers\etc\hosts
Entry format:
<Endpoint IP> <Endpoint URL>
Example:
10.0.5.123 service.example.internal
Save changes and verify that domain name resolution points to the correct Endpoint IP.
✅ Note: Host entry configuration is only required on servers located within the same VPC or that have a valid network route to the Endpoint Service.


Add host entries on servers that need to access the service via the Endpoint Service.


Using Endpoint Service with “Enable Private DNS” Enabled
When an Endpoint is created with the “Enable Private DNS” option enabled, the DNS system automatically resolves the service domain name. This eliminates the need for users to manually configure host records on their servers and ensures seamless and simplified access to the service.
Key Behaviors:
Within each VPC, only one Endpoint with “Enable Private DNS” enabled is allowed per specific service.
When this option is enabled:
The system automatically overrides the public DNS record of the service domain with a corresponding private IP address within the VPC.
All DNS queries from resources inside the VPC to the service domain will be routed through the internal Endpoint, rather than using the public IP.
⚠️ Note: The DNS override mechanism is only effective within the VPC. It does not affect DNS resolution from outside the internal network.
Last updated