A company mandates that all internal AWS communications use private IPs. A solutions architect created interface VPC endpoints for public AWS services like S3. However, service names are still resolving to public IP addresses, and the internal apps cannot connect. What should the architect do to resolve this issue?