There are two types of VPC endpoints: interface endpoints and gateway endpoints. Create the type of VPC endpoint required by the supported service.
An interface endpoint is an elastic network interface with a private IP address from the IP address range of your subnet that serves as an entry point for traffic destined to a supported service.
General steps to create an endpoint service :
1. Create a Network Load Balancer for your application in your VPC and configure it for each subnet (Availability Zone) in which the service should be available.
2. Create a VPC endpoint service configuration and specify your Network Load Balancer.
3. Grant permissions to specific service consumers (AWS accounts, IAM users, and IAM roles) to create a connection to your endpoint service.
4. A service consumer that has been granted permissions creates an interface endpoint to your service, optionally in each Availability Zone in which you configured your service.
5. To activate the connection, accept the interface endpoint connection request. By default, connection requests must be manually accepted. However, you can configure the acceptance settings for your endpoint service so that any connection requests are automatically accepted.

Via CLI:
aws ec2 create-vpc-endpoint –vpc-id –service-name

References :
https://aws.amazon.com/premiumsupport/knowledge-center/connect-endpoint-service-vpc/
https://aws.amazon.com/premiumsupport/knowledge-center/instance-vpc-troubleshoot/
https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html
https://docs.aws.amazon.com/vpc/latest/userguide/vpce-gateway.html
CLI: https://awscli.amazonaws.com/v2/documentation/api/latest/reference/ec2/create-vpc-endpoint.html