VPC endpoints pricing: what to model (interface vs gateway endpoints)
Reviewed by CloudCostKit Editorial Team. Last updated: 2026-01-27. Editorial policy and methodology.
Start with a calculator if you need a first-pass estimate, then use this guide to validate the assumptions and catch the billing traps.
Data Egress Cost Calculator API Response Size Transfer Calculator VPC Data Transfer Cost Calculator Cross-region Transfer Cost Calculator
Use this page when you need to decide what belongs inside the endpoint bill model before you argue about optimization.
This guide is about bill boundaries: endpoint-hours, GB processed, endpoint type, and the transfer or architecture costs that should be tracked beside endpoints rather than confused with them.
What to model (interface vs gateway endpoints)
- Interface endpoints: endpoint-hours (endpoints x AZs x hours) and sometimes a per-GB processing fee.
- Gateway endpoints: a different cost model depending on service; treat them separately.
- Transfer boundaries: cross-AZ/cross-region paths can create separate transfer line items.
The same "private access" goal can be achieved with different endpoint types. Always model the endpoint line item and the transfer path together.
Inside the endpoint bill vs outside the endpoint bill
- Inside the endpoint bill: interface endpoint-hours, per-GB processing where applicable, and endpoint-type differences that change the direct line item.
- Usually outside the endpoint bill: NAT charges that remain, cross-AZ transfer created by the path, and downstream service bills that endpoints merely expose or reroute.
- Why that boundary matters: teams often blame endpoints for the whole network bill when the real multiplier sits in path locality, transfer boundaries, or services still using NAT.
Interface vs gateway endpoints: decision points
- Interface endpoints (PrivateLink): great when you need private access to many AWS services, but they add endpoint-hours per AZ and can multiply quickly across environments.
- Gateway endpoints: a different mechanism with a different cost model. Treat them separately and verify which services in your architecture can use them.
- Path matters: if clients in one AZ consistently talk to endpoints in another AZ, you can introduce cross-AZ transfer even if the endpoint line item looks correct.
Fast estimate (baseline + scenario)
Use VPC Interface Endpoint Cost Calculator for a first-pass estimate of endpoint-hours + per-GB processing.
- Baseline: current NAT GB processed and current endpoint inventory (if any).
- Scenario: endpoints added + NAT traffic reduced + any expected cross-AZ path changes.
Worked estimate template (copy/paste)
- Endpoint-hours = endpoints * AZs per endpoint * hours/month
- Endpoint GB processed = GB/month expected to flow through endpoints
- Endpoint cost = hourly baseline + per-GB processing (if applicable)
Quick sanity check: if you add many endpoints across 3 AZs, the hourly baseline can dominate even when GB processed is modest. Model the hours first, then refine GB.
NAT break-even checklist
- How much NAT GB processed is actually AWS-service traffic that can move to endpoints?
- How many endpoints will you deploy (and in how many AZs) across prod/staging/dev?
- Will endpoint routing change traffic locality (cross-AZ) or keep it AZ-local?
- Do you need endpoints everywhere, or only in a subset of VPCs and accounts?
Common pitfalls
- Forgetting that interface endpoints scale with the number of AZs you use.
- Moving traffic across AZs or regions and creating new transfer charges.
- Assuming endpoints replace NAT costs without validating the traffic mix.
- Counting endpoints once while they exist in multiple VPCs and environments.
How to validate the pricing model
- Reconcile endpoint-hours in billing against endpoints * AZs * hours.
- Spot-check the top destinations and verify they are the services you intended to route through endpoints.
- After rollout, compare NAT GB processed and endpoint GB processed as a before/after sanity check.
When this is not the right page
- If your main problem is measuring endpoint inventory, AZ coverage, active hours, and GB sources, go to Estimate endpoint-hours and GB.
- If the hours and GB model is already believable and you now need operational changes, go to VPC endpoints cost optimization.
- If the main decision is endpoint versus NAT path economics rather than line-item scope, compare with NAT vs VPC endpoints.
Related guides
Estimate endpoint-hours and GB PrivateLink pricing VPC endpoints cost optimization NAT vs VPC endpoints AWS network cost hub
Sources
Related guides
NAT Gateway vs VPC endpoints cost: when PrivateLink wins
Compare NAT Gateway vs VPC endpoints (Interface/Gateway endpoints) cost: model gateway-hours + GB processed versus endpoint-hours + per-GB, estimate how much NAT traffic endpoints remove, and avoid transfer surprises.
API Gateway pricing: what to model (requests + transfer)
A practical API Gateway pricing checklist: request charges, data transfer, and the add-ons that can show up on the bill.
API Gateway cost optimization: reduce requests, bytes, and log spend
A practical playbook to reduce API Gateway spend: identify the dominant driver (requests, transfer, or logs), then apply high-leverage fixes with a validation checklist.
API Gateway vs ALB vs CloudFront cost: what to compare (requests, transfer, add-ons)
A practical cost comparison of API Gateway, Application Load Balancer (ALB), and CloudFront. Compare request pricing, data transfer, caching impact, WAF, logs, and the hidden line items that change the answer.
AWS cost checklist: model the drivers that actually move the bill
A practical AWS cost checklist for planning and reviews: define scope, identify top cost drivers (requests, GB, GB-month, hours), and avoid the common blind spots (data transfer, logs, and cross-AZ).
S3 pricing: a practical model for storage, requests, egress, and replication
A practical S3 pricing guide: what to include (GB-month, requests, egress, replication) and how to estimate the key inputs without copying price tables.
Related calculators
Data Egress Cost Calculator
Estimate monthly egress spend from GB transferred and $/GB pricing.
API Response Size Transfer Calculator
Estimate monthly transfer from request volume and average response size.
VPC Data Transfer Cost Calculator
Estimate data transfer spend from GB/month and $/GB assumptions.
Cross-region Transfer Cost Calculator
Estimate monthly cross-region transfer cost from GB transferred and $/GB pricing.
RPS to Monthly Requests Calculator
Estimate monthly request volume from RPS, hours/day, and utilization.
API Request Cost Calculator
Estimate request-based charges from monthly requests and $ per million.
FAQ
Do VPC endpoints always save money?
Not always. Endpoints add their own hourly fees (and sometimes per-GB processing), but they can reduce NAT GB processed and improve security by keeping traffic private. Model your traffic mix to find break-even.
What's the biggest multiplier for endpoint cost?
Availability Zones. Interface endpoints are deployed per AZ. If you attach endpoints in 3 AZs, your endpoint-hours are roughly 3x compared to 1 AZ.
Are gateway endpoints billed the same way as interface endpoints?
No. Gateway endpoints differ by service and can have a different cost model. The key is to treat endpoints as their own line items and model your actual traffic path.
Last updated: 2026-01-27. Reviewed against CloudCostKit methodology and current provider documentation. See the Editorial Policy
.