Skip to main content

Secure Connections with AWS PrivateLink

You can secure the connection between your AWS VPC and Run endpoint using AWS PrivateLink. This section will guide you on how to create an optional AWS PrivateLink to keep your connection using the AWS Backbone.

  • Choose the principal that will have the permission

Example: arn:aws:iam::<aws_account_number>:root

  • Go to endpoints
  • Create
  • Select other endpoints services

Use service name: com.amazonaws.vpce.eu-west-1.vpce-svc-08964ff8d28194c31

  • Click on verify service
  • Select vpc, network/s and security groups

Note: if you want to enable DNS Name, don’t do it yet. The connection must be accepted before enable DNS private name.

  • Create the endpoint
  • The endpoint will be created in status “pending acceptance”

  • Request CxLink Support to accept the connection

  • Once accepted will be ready to use

  • Enable private dns names (optional)

Click on the endpoint

Actions…modify privat dns name

  • Click on enable for this endpoint
  • Save changes

The private DNS name is enabled and should be reachable

  • Test the connection from one instance inside the subnet designated to https://run.cxlink.syntax.global


    _10
    curl -v -H "Host: run.cxlink.syntax.global" https://run.cxlink.syntax.global