I recently configured a VPC private endpoint for Cloud Object Storage to improve security and reduce costs for our ERP data exports. However, since switching from the public endpoint, data transfers are timing out after about 2 minutes.
The ERP system runs on a Virtual Server in the VPC and exports daily transaction data to COS. With the public endpoint, transfers completed in 5-10 minutes. Now with the private endpoint, the connection times out consistently.
Here’s the error from our transfer logs:
Connection timeout after 120s
Endpoint: s3.private.us-south.cloud-object-storage.appdomain.cloud
Bucket: erp-daily-exports
I’ve verified the VPC private endpoint is provisioned and bound to the correct VPC. The security group rules allow outbound HTTPS traffic. The Virtual Server can resolve the private endpoint DNS name. But something in the VPC private endpoint configuration or security group rules is blocking the actual data transfer for ERP-COS integration.
The 120-second timeout suggests the connection is established but data transfer is blocked. This is typically a security group issue. Did you add an inbound rule on the VPC endpoint’s security group to allow traffic from your Virtual Server’s security group? Private endpoints need bidirectional rules.
Another thing to verify - make sure your ERP application is using the correct private endpoint hostname format. It should be s3.private.REGION.cloud-object-storage.appdomain.cloud, not the direct endpoint. Also, if you’re using virtual hosted-style requests (bucket name in hostname), the private endpoint needs to support that format.
I added the inbound rule to the endpoint’s security group to allow port 443 from the Virtual Server’s security group. The timeouts are gone, but now I’m seeing intermittent slow transfers - sometimes 5 minutes, sometimes 20 minutes for the same data volume. Is this normal for private endpoints, or is there additional tuning needed for the ERP-COS integration?
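An added example, not part of the thread and not IBM tooling: a small Python preflight check for the two points raised in the replies above, the private hostname format and a port 443 rule on each side of the connection. The rule dictionaries use a simplified, assumed shape, and the security group names and addresses are constructed placeholders.

```python
import ipaddress
import re

# Private COS hostname format from the thread; optional bucket prefix for virtual hosted-style.
PRIVATE_COS = re.compile(
    r"^(?:[a-z0-9][a-z0-9.-]*\.)?s3\.private\.[a-z0-9-]+"
    r"\.cloud-object-storage\.appdomain\.cloud$")

def rule_allows(rule, direction, port, peer_sg, peer_ip):
    """True if one rule (simplified, assumed dict shape) permits TCP `port` to/from the peer."""
    if rule["direction"] != direction or rule.get("protocol", "all") not in ("tcp", "all"):
        return False
    if not rule.get("port_min", 1) <= port <= rule.get("port_max", 65535):
        return False
    remote = rule.get("remote", {})
    if "id" in remote:                      # remote is another security group
        return remote["id"] == peer_sg
    if "cidr_block" in remote:              # remote is an address range
        return ipaddress.ip_address(peer_ip) in ipaddress.ip_network(remote["cidr_block"])
    return True                             # assumption: no remote means any peer

def preflight(host, vsi, endpoint, port=443):
    """Return findings for the ERP server -> COS private endpoint path."""
    findings = []
    if not PRIVATE_COS.match(host):
        findings.append("hostname is not in the s3.private.REGION format")
    if not any(rule_allows(r, "outbound", port, endpoint["sg"], endpoint["ip"]) for r in vsi["rules"]):
        findings.append("server security group lacks outbound tcp/%d to the endpoint" % port)
    if not any(rule_allows(r, "inbound", port, vsi["sg"], vsi["ip"]) for r in endpoint["rules"]):
        findings.append("endpoint security group lacks inbound tcp/%d from the server" % port)
    return findings

# Constructed sample data: group names and addresses are placeholders.
HOST = "s3.private.us-south.cloud-object-storage.appdomain.cloud"
VSI = {"sg": "sg-erp-vsi", "ip": "10.240.0.4", "rules": [
    {"direction": "outbound", "protocol": "tcp", "port_min": 443, "port_max": 443,
     "remote": {"cidr_block": "0.0.0.0/0"}}]}
ENDPOINT_BEFORE = {"sg": "sg-cos-vpe", "ip": "10.240.0.9", "rules": []}
ENDPOINT_AFTER = dict(ENDPOINT_BEFORE, rules=[
    {"direction": "inbound", "protocol": "tcp", "port_min": 443, "port_max": 443,
     "remote": {"id": "sg-erp-vsi"}}])

if __name__ == "__main__":
    print("before:", preflight(HOST, VSI, ENDPOINT_BEFORE))
    print("after: ", preflight(HOST, VSI, ENDPOINT_AFTER))
```

Scoping the inbound rule to the server's security group, as in `ENDPOINT_AFTER`, keeps the endpoint closed to other sources in the VPC.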