No, you cannot attach security groups to a Gateway VPC endpoin
No, VPC endpoints do not support cross-region access.A VPC endpoint enables private connectivity between your VPC and supported AWS services within the same region, without using the internet or NAT.