1. Proposed title of this feature request
Add support for AWS S3 VPC Endpoints to enable secure, private S3 bucket access
2. What is the nature and description of the request?
This is a security requirement mandated by the Bank Infosec team: all traffic to S3 storage must be private and bypass the public internet, to mitigate security risks and control costs.
3. Why does the customer need this? (List the business requirements here)
The customer must use private networking for all AWS services to comply with security and cost policies, which specifically require AWS S3 VPC Endpoints instead of public S3 URLs.
The current implementation of the Red Hat Loki Operator (v6.0.9) forces logging traffic to be routed via the public Internet Gateway to access S3 storage, resulting in a non-compliant state and potential security risks flagged by the Infosec team. This limitation blocks the secure deployment and continued operation of the logging stack.
4. List any affected packages or components.
Platform: Red Hat OpenShift Container Platform (OCP) 4.16 (Approaching EUS)
Affected Components/Versions:
Loki Operator 6.0.9
OpenShift Logging 6.0.6
OADP Operator 1.3.3
Backend Storage: AWS S3
Ongoing Upstream issue: https://github.com/grafana/loki/pull/19247