Private Link Connectivity
Overview:
An endpoint service must be fronted by a load balancer (a Network Load Balancer in this case), so connectivity is set up in three stages: create an internal Network Load Balancer in the VPC that hosts the database, forwarding TCP traffic on the database port (for example 5432 for PostgreSQL) to the database's private IP address; create an endpoint service backed by that load balancer, preferably with "Acceptance required" enabled so that every connection request has to be approved before anyone can use the service; and finally allow the EazyDI account principal arn:aws:iam::851725598359:root to connect. The detailed steps follow.
Prerequisites:
Database hosted in the same AWS region.
Setup Load Balancer:
Access the Load Balancer Setup:
Navigate to the AWS Management Console.
Go to the EC2 Dashboard and select "Load Balancers" from the left-hand menu.
Click on "Create Load Balancer."
Select Load Balancer Type:
Choose "Network Load Balancer" from the available options.
Configure Network Settings:
In the "Basic Configuration" section, provide a name for your load balancer.
Under "Scheme," select internal since it will be used for PrivateLink connectivity.
Select the VPC in which the database is hosted.
Choose the availability zones (and subnets) in which the database is located.
Configure Security Groups:
Ensure the load balancer's security group allows inbound traffic only on the port your database is hosted on (e.g., port 5432 for PostgreSQL). The database's own security group must also accept traffic from the load balancer on that port, otherwise the target will fail its health check.
Configure Listeners and Target Groups:
In the "Listeners" section, set the listener port to the port number of your database (e.g., 5432).
Select an existing target group or create a new target group:
For a new target group, choose the target type as "IP Addresses"
Specify the protocol as TCP.
Register targets by entering the private IP address of your database instance. You can find the database IP using the command: nslookup hostname_of_database
Note that the IP address of a managed database can change (for example after a failover or maintenance event), so the registered target must be updated whenever the hostname resolves to a new address.
Review and Create:
Review all the configurations.
Click on "Create Load Balancer."
Create Endpoint Service:
Navigate to Endpoint Services:
Go to the VPC Dashboard.
Select "Endpoint Services" from the left-hand menu.
Click on "Create Endpoint Service."
Configure Endpoint Service:
Provide a name for the endpoint service.
Select Network Load Balancer in the load balancer type.
Choose the previously created load balancer from the list.
Optional Settings:
It is recommended to enable the "Acceptance required" option so that every connection request stays pending until you approve it under the "Endpoint connections" tab; allowed principals alone only determine who may request a connection.
Review and Create:
Once the configurations are complete, click on "Create Endpoint Service."
Configure Allowed Principals:
Select the newly created endpoint service.
Go to the "Allowed Principals" tab.
Add the principal ARN: arn:aws:iam::851725598359:root
This is an account-level principal: any IAM identity in that account may request a connection to the service, which is why keeping "Acceptance required" enabled is advisable.
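The same setup expressed as code, as an added example that is not part of the original page and not EazyDI's own tooling. It uses Terraform with the hashicorp/aws and hashicorp/dns providers; the region, VPC ID, subnet IDs, database hostname, database security group ID and all resource names are assumed placeholders. The DNS data source performs the nslookup step at plan time, so re-running apply after a database failover re-registers the new IP instead of leaving a stale target.

```hcl
terraform {
  required_providers {
    aws = { source = "hashicorp/aws" }
    dns = { source = "hashicorp/dns" }   # used only to resolve the DB hostname
  }
}

# Assumed values: replace with the real region, VPC, subnets and database.
locals {
  region     = "us-east-1"                    # database and NLB must be in the same region
  vpc_id     = "vpc-0123456789abcdef0"        # VPC hosting the database
  subnet_ids = ["subnet-0aaaaaaaaaaaaaaa1", "subnet-0bbbbbbbbbbbbbbb2"]
  vpc_cidr   = "10.0.0.0/16"
  db_host    = "mydb.abc123xyz.us-east-1.rds.amazonaws.com"  # hostname_of_database
  db_port    = 5432                           # PostgreSQL
  db_sg_id   = "sg-0ccccccccccccccc3"         # security group attached to the database
  consumer   = "arn:aws:iam::851725598359:root"  # EazyDI account principal from the page
}

provider "aws" {
  region = local.region
}

# Equivalent of "nslookup hostname_of_database": resolve the DB's private IP(s).
data "dns_a_record_set" "db" {
  host = local.db_host
}

# Security group for the NLB: only the database port, only from inside the VPC.
resource "aws_security_group" "nlb" {
  name   = "db-privatelink-nlb"
  vpc_id = local.vpc_id

  ingress {
    from_port   = local.db_port
    to_port     = local.db_port
    protocol    = "tcp"
    cidr_blocks = [local.vpc_cidr]
  }

  egress {
    from_port   = local.db_port
    to_port     = local.db_port
    protocol    = "tcp"
    cidr_blocks = [local.vpc_cidr]
  }
}

# The database must accept traffic from the load balancer on the DB port,
# otherwise the TCP health check fails and the endpoint never becomes usable.
resource "aws_security_group_rule" "db_from_nlb" {
  type                     = "ingress"
  security_group_id        = local.db_sg_id
  from_port                = local.db_port
  to_port                  = local.db_port
  protocol                 = "tcp"
  source_security_group_id = aws_security_group.nlb.id
}

# Target group: type "IP Addresses", protocol TCP, one target per resolved address.
resource "aws_lb_target_group" "db" {
  name        = "db-privatelink-tg"
  port        = local.db_port
  protocol    = "TCP"
  target_type = "ip"
  vpc_id      = local.vpc_id

  health_check {
    protocol = "TCP"
    port     = "traffic-port"
  }
}

resource "aws_lb_target_group_attachment" "db" {
  for_each         = toset(data.dns_a_record_set.db.addrs)
  target_group_arn = aws_lb_target_group.db.arn
  target_id        = each.value
  port             = local.db_port
}

# Internal Network Load Balancer in the database VPC.
resource "aws_lb" "db" {
  name               = "db-privatelink-nlb"
  load_balancer_type = "network"
  internal           = true              # scheme: internal (PrivateLink only)
  subnets            = local.subnet_ids
  security_groups    = [aws_security_group.nlb.id]
}

# Listener on the database port forwarding to the target group.
resource "aws_lb_listener" "db" {
  load_balancer_arn = aws_lb.db.arn
  port              = local.db_port
  protocol          = "TCP"

  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.db.arn
  }
}

# Endpoint service: acceptance required, only the EazyDI account may request.
resource "aws_vpc_endpoint_service" "db" {
  acceptance_required        = true
  network_load_balancer_arns = [aws_lb.db.arn]
  allowed_principals         = [local.consumer]
}

# Service name to hand to the consumer so they can create their interface endpoint.
output "endpoint_service_name" {
  value = aws_vpc_endpoint_service.db.service_name
}
```

Run terraform init and terraform apply; the endpoint_service_name output is what the consuming account needs to create its interface endpoint, and each resulting connection request still has to be accepted on the service's "Endpoint connections" tab because acceptance_required is true. If the database fails over to a new IP, a fresh apply re-resolves the hostname and replaces the target.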
By following these steps, you will have a Network Load Balancer set up and an endpoint service created for PrivateLink connectivity, ensuring secure and private communication to your database within the same AWS region.