Tags: amazon-web-services, amazon-eks, vpc-endpoint, aws-private-link, network-load-balancer

Custom domain for VPC endpoint


I have a VPC endpoint which was created along with a VPC endpoint service, which connects to an NLB and then to an EKS service. Now, when I try to connect to the service, I use the DNS name of the VPC endpoint; what I want is to create a domain (which should be private) in place of it and use that instead.

I tried the private DNS of the endpoint service, but the domain is not getting verified, so I am stuck there. Can someone help me with how I can proceed with this?


Solution

  • To use a custom domain for your VPC endpoint, you will need to go through domain verification, which is where you are now facing issues. If you don't own a domain, you can't get past this setup. Since you have mentioned that you are looking to have a private domain, you can do as below:

    1. Create a Private Hosted Zone associated with the VPC, using the domain name you prefer. If you already have a private hosted zone for this domain, use that to add a new record. If not, you can create a new one; however, additional checks will be needed, as this could affect other users in the VPC trying to resolve DNS records of the Private Hosted Zone you are creating.

    2. Once the Private Hosted Zone is ready, add an Alias record pointing at this VPC endpoint. E.g.: www.test.com to vpce-xxxxx-yyyyy.amazonaws.com. This will resolve the domain record www.test.com to the IP addresses of your VPC endpoint.

    The above will take care of DNS lookups for clients within the same VPC. Now comes the question of what you are hosting on EKS. If this is over a TLS connection, you will need to get the respective certificate for the domain you created and associate it with the NLB (or with your EKS pods). For both, you will have to create a self-signed (or your org's private-CA-signed) certificate. To use it with the NLB's listener, upload it to ACM.
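Putting the three steps of the answer together, as an added example that is not part of the original post: a POSIX shell script that mints a private CA and a server certificate whose SAN is the private name (this part runs offline with OpenSSL), writes the Route 53 change batch for the alias record, and, only when APPLY=1 is set, runs the AWS CLI calls that create the private hosted zone, upsert the alias record, import the certificate into ACM and attach it to an NLB TLS listener. Every name, ID and ARN in it (api.corp.internal, the vpc-/vpce- IDs, the NLB and target-group ARNs) is a constructed placeholder, not a value from the question.

```shell
#!/bin/sh
# Added example (not from the original post). Offline parts: OpenSSL only.
# AWS parts run only with APPLY=1 and valid credentials.
set -eu

# Constructed placeholders (assumptions); override via the environment.
FQDN="${FQDN:-api.corp.internal}"                  # private name clients will use
ZONE="${ZONE:-corp.internal}"                      # private hosted zone apex
VPC_ID="${VPC_ID:-vpc-0123456789abcdef0}"
VPCE_ID="${VPCE_ID:-vpce-0123456789abcdef0}"       # interface endpoint from the question
NLB_ARN="${NLB_ARN:-arn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/net/example/0123456789abcdef}"
TG_ARN="${TG_ARN:-arn:aws:elasticloadbalancing:us-east-1:111122223333:targetgroup/example/0123456789abcdef}"
REGION="${AWS_REGION:-us-east-1}"
WORK="${WORK:-$(mktemp -d)}"

# Step 3 of the answer: private CA plus a server cert whose SAN is the private name.
make_private_ca_and_cert() {
  fqdn=$1; dir=$2
  # Self-contained OpenSSL config, so this does not depend on the system openssl.cnf.
  cat > "$dir/ca.cnf" <<'EOF'
[req]
prompt = no
distinguished_name = dn
x509_extensions = v3_ca
[dn]
CN = Corp Private CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
subjectKeyIdentifier = hash
EOF
  openssl req -x509 -config "$dir/ca.cnf" -newkey rsa:2048 -nodes -sha256 -days 3650 \
    -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null
  printf '[req]\nprompt = no\ndistinguished_name = dn\n[dn]\nCN = %s\n' "$fqdn" > "$dir/server.cnf"
  openssl req -new -config "$dir/server.cnf" -newkey rsa:2048 -nodes -sha256 \
    -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null
  # Modern clients validate the SAN, not the CN; it must equal the name in the alias record.
  printf 'subjectAltName = DNS:%s\nextendedKeyUsage = serverAuth\nbasicConstraints = CA:FALSE\n' \
    "$fqdn" > "$dir/san.ext"
  openssl x509 -req -sha256 -days 825 -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
    -CAcreateserial -extfile "$dir/san.ext" -out "$dir/server.crt" 2>/dev/null
}

# Local check before touching ACM: chain validates and the SAN matches the private name.
verify_cert_for_name() {
  fqdn=$1; dir=$2
  openssl verify -CAfile "$dir/ca.crt" "$dir/server.crt" >/dev/null 2>&1 || return 1
  openssl x509 -in "$dir/server.crt" -noout -text | grep -qF "DNS:$fqdn" || return 1
}

# Step 2: alias record in the private zone -> interface endpoint (needs the endpoint's own zone ID).
build_alias_change_batch() {
  name=$1; vpce_dns=$2; vpce_zone=$3
  cat <<EOF
{
  "Comment": "Private name for interface VPC endpoint",
  "Changes": [{
    "Action": "UPSERT",
    "ResourceRecordSet": {
      "Name": "${name}.",
      "Type": "A",
      "AliasTarget": {
        "HostedZoneId": "${vpce_zone}",
        "DNSName": "${vpce_dns}",
        "EvaluateTargetHealth": false
      }
    }
  }]
}
EOF
}

apply_to_aws() {
  # Regional DNS name and hosted zone ID of the endpoint, as required for an alias target.
  set -- $(aws ec2 describe-vpc-endpoints --region "$REGION" --vpc-endpoint-ids "$VPCE_ID" \
    --query 'VpcEndpoints[0].DnsEntries[0].[DnsName,HostedZoneId]' --output text)
  vpce_dns=$1; vpce_zone=$2
  # Step 1: reuse an existing private zone (ZONE_ID) or create one associated with the VPC.
  zone_id=${ZONE_ID:-$(aws route53 create-hosted-zone --name "$ZONE" --caller-reference "vpce-$(date +%s)" \
    --vpc VPCRegion="$REGION",VPCId="$VPC_ID" --hosted-zone-config PrivateZone=true \
    --query 'HostedZone.Id' --output text)}
  build_alias_change_batch "$FQDN" "$vpce_dns" "$vpce_zone" > "$WORK/change-batch.json"
  aws route53 change-resource-record-sets --hosted-zone-id "$zone_id" \
    --change-batch "file://$WORK/change-batch.json"
  # Step 3: import the cert into ACM and put it on the NLB's TLS listener.
  cert_arn=$(aws acm import-certificate --region "$REGION" --certificate "fileb://$WORK/server.crt" \
    --private-key "fileb://$WORK/server.key" --certificate-chain "fileb://$WORK/ca.crt" \
    --query CertificateArn --output text)
  aws elbv2 create-listener --region "$REGION" --load-balancer-arn "$NLB_ARN" --protocol TLS --port 443 \
    --certificates "CertificateArn=$cert_arn" --default-actions "Type=forward,TargetGroupArn=$TG_ARN"
}

if [ "${APPLY:-0}" = 1 ]; then
  make_private_ca_and_cert "$FQDN" "$WORK"
  verify_cert_for_name "$FQDN" "$WORK"
  apply_to_aws
fi
```

Run it with APPLY=1 (and credentials) against the real account; if a private hosted zone for the domain already exists, pass its ID in ZONE_ID so the script adds a record to it rather than creating a second zone, which is the situation the answer warns about. Two checks are worth keeping: `verify_cert_for_name` fails when the SAN does not match the name clients will resolve, which is the usual cause of TLS errors after this kind of change, and associating a new private hosted zone with a VPC changes name resolution for every workload in that VPC, so compare the zone name against existing zones before applying. TLS still terminates at the NLB listener; the endpoint itself only forwards TCP, so the client must trust ca.crt.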