June 25, 2025

VPC endpoint support for Enterprise AWS runners

Enterprise AWS runners now support VPC endpoints, allowing you to connect to Gitpod’s management plane using AWS PrivateLink.

This enhancement provides:

• Increased security - All traffic between your runner and Gitpod stays within AWS’s network backbone
• More reliable connectivity - Eliminates dependency on internet routing and potential connectivity issues
• Compliance ready - Ideal for customers with strict security requirements that prohibit internet-bound traffic

How it works

With VPC endpoints enabled, your Enterprise AWS runner connects to Gitpod’s management plane through AWS PrivateLink:

1. DNS resolution - app.gitpod.io automatically resolves to VPC endpoint IP addresses within your VPC
2. AWS PrivateLink - Traffic flows through Amazon’s network infrastructure via VPC endpoints
3. Seamless integration - No changes required to your existing runner configuration

Getting started

To enable VPC endpoints for your Enterprise AWS runner:

1. Create an Interface VPC Endpoint in your AWS account pointing to Gitpod’s service
2. Configure the endpoint in the same VPC where your runner is deployed
3. Enable DNS names for automatic resolution

The runner dashboard will automatically detect and display “via VPC endpoint” as the connection type once configured.

Learn more about setting up VPC endpoints in our Enterprise runner setup documentation.

Availability: This feature is available to Enterprise customers using AWS runners.