docs-mintlify/admin/deployment/vpc/aws/private-link.mdx
AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported services and resources, and your on-premises networks, without exposing your traffic to the public internet. To set up a PrivateLink connection between Cube Cloud Dedicated Infrastructure and your own VPC, you'll need to prepare an Endpoint Service, share service details with the Cube team, and accept the incoming connection request.
There are two common scenarios for preparing the Endpoint Service:
In the case of your own infrastructure, please follow the official AWS documentation to configure the Endpoint Service pointing at your data source.
If your data source is hosted in a third-party infrastructure, please follow the vendor's documentation for creating and managing an Endpoint Service.
Cube Cloud needs to be added to the list of principals allowed to discover your Endpoint Service.
To do so, please go to AWS Console -> VPC -> Endpoint Services -> Your service -> Allow principals
and add arn:aws:iam::331376342520:root to the list.
To request establishing a PrivateLink connection, please share the following information with the Cube team:
com.amazonaws.vpce.us-west-2.vpce-svc-abcde)If a DNS name is provided, an internal DNS record will be created pointing at the established PrivateLink connection, and the service will be addressable by that name inside the Cube Cloud infrastructure.
The Cube Cloud team will notify you once the connection request is sent. You can accept it by going to AWS Console -> VPC -> Endpoint Services -> Your Service -> Endpoint Connections and clicking Accept Connection Request.
Once the connection is established, you can access your data source by addressing it either via the supplied DNS Name or an AWS internal DNS name returned to you by the Cube team.