Introduction
This document describes the steps to connect Astrato and a secured data source in AWS using AWS Privatelink.
This integration will connect two AWS networks privately, allowing the Astrato application to access data sources in a private AWS network securely.
Prerequisites
An existing private connection to destination services like Snowflake or on-premise deployment in a private network.
Connect to PrivateLink using your own VPC
Astrato is the service consumer in PrivateLink terminology. To enable connectivity, the following setup is required in the AWS account hosting the database that Astrato will use as a data source.
AWS regions supported by Astrato:
Europe:
Frankfurt (eu-central-1)
Ireland (eu-west-1)
London (eu-west-2)
United States:
N. Virginia (us-east-1)
Configuration steps:
Create a Network Load Balancer (NLB)
Set up an NLB targeting the service to be exposed (e.g., a database or API).Create a VPC Endpoint Service
Use the NLB to create a VPC Endpoint Service. (AWS Doc)Share the Endpoint Service
Allow the Astrato principal to access resources (AWS Doc).
arn:aws:iam::353773956054:role/astrato-operator
Share Details with Astrato
Share these details with your Astrato Account Executive
VPC Endpoint Service name
The region where the endpoint was created.
Astrato Private Connection Configuration
Setting up the connection in Astrato will take up to a few days.
You will be contacted once the installation is complete.
However, please don't hesitate to contact your Account Executive with any questions.