At SingleStore, nothing is more important than the security and reliability of your data — which is why we work diligently to ensure security is considered, designed, reviewed and implemented into every corner of your database technology.
As part of our ongoing commitment to security — not only through us, but with our partners — we’re proud to announce that SingleStoreDB is now a designated AWS PrivateLink Partner.
What is AWS PrivateLink?
If you’re unfamiliar with it, here’s an overview of what exactly AWS PrivateLink facilitates:
“AWS PrivateLink enables you to connect to some AWS Services, services hosted by other AWS accounts (referred to as endpoint services) and supported AWS Marketplace partner services, via private IP address in your VPC.”
Our designation as an AWS PrivateLink Ready Partner indicates that we’ve built SingleStoreDB to enhance the security and privacy of your data workloads by connect your VPC through the AWS Private Network — ensuring you can continue to protect and manage sensitive data including personal information, while also adhering to PCI, HIPAA and other government regulations.
Keep reading to find out how you can take advantage of AWS PrivateLink in Singlestore Helios.
Setting Up AWS PrivateLink in SingleStoreDB
You can connect from a Singlestore Helios cluster to private services and networks. Setting up an AWS PrivateLink involves actions from your end, as well as the SingleStoreDB infrastructure end.
There are two types of requests you can complete — inbound and outbound. To make the process as seamless as possible, we recommend gathering all the necessary details for your type of request before sharing with SingleStore support (you’ll eventually need to contact our team to complete the connection).
For inbound requests
An inbound request means your applications are querying in SingleStoreDB. The following pieces of information are required when opening a support ticket for an inbound PrivateLink connection:
- Cluster URL (Cluster ID)
- Be sure to mention your request is for inbound
- AWS account ID
- Region details
After you’ve shared these details with our support team, we’ll create and share the service name for your cluster.
Next, create an Endpoint Connection, mapping to the service name generated by SingleStore support. Our team will then accept the service request to complete the connection.
Check out the full documentation on how to create an inbound connection to Singlestore Helios Workspaces via AWS PrivateLink
For outbound requests
An outbound request means SingleStoreDB makes the request (usually via Pipelines, but it can also be via SELECT … INTO …), so the configuration starts at the customer end.
The following pieces of information are required when opening a support ticket for an outbound PrivateLink connection. As with an inbound requires, you’ll need to set up an endpoint service and share the details with our support team:
Cluster URL (Cluster ID) or Workspace ID (for Workspace clusters)
Be sure to mention your request is for outbound
AWS account ID (request from SingleStore)
Region details
Specify if the request is outbound to Kafka if you’re using SingleStoreDB Self-Managed and your own Kafka cluster — or, if it’s a third-party-managed Kafka (like Amazon MSK or Confluent Cloud). Depending on the Kafka instance, you’ll need to supply an extra configuration to the CREATE PIPELINE clause.
Note: Your Workspace and endpoint service must be in the same region.
Check out the full documentation on how to create an outbound connection from Singlestore Helios Workspaces via AWS PrivateLink
Get Started With SingleStoreDB & AWS PrivateLink
By tapping into the power of Singlestore Helios and AWS PrivateLink, you maintain up to 99.99% uptime SLA, zero downtime and high availability. Ready to get started? Head to SingleStore Docs for everything you need to connect with PrivateLink.