This page provides instructions on how to enable the PrivateLink feature for the EMQX Cloud deployment on the Amazon AWS platform. Once the PrivateLink is enabled, the EMQX Cloud deployment can access AWS hosted services through a private connection in your virtual network. In the private connection, the EMQX Cloud deployment's Virtual Private Cloud (VPC) functions as the service user, sending requests to the VPC where your cloud-based resources reside, namely, the service provider's VPC.
After getting the AWS ARN where the deployment is located in EMQX Cloud console, add it to the allowed principals entry of your AWS Platform-Endpoint Service.
Once added, click Allow principals and go to the next step.
Locate the Endpoint service on your AWS platform, copy the service name, fill it to the EMQX Cloud Endpoint service name, and click Create PrivateLink.
Once completed, find the Endpoint Service - Endpoint Connection in your AWS platform and click Accept Endpoint Connection Request.
Wait for a while and check the status of the PrivateLink in the deployment details, running means it has been created successfully. Copy the Address for the next data integration-resource configuration.
Click the Data Integration menu on the left, find the resource type, fill in the Server on the New Resource page with the private connection service connection domain and port, database and user information，click Test, and the resource will be available.
To remove the private connection, you need to ensure that the PrivateLink status is running.
If you need to remove the PrivateLink service from your AWS platform, please remove the PrivateLink from EMQX Cloud console first, otherwise it will cause PrivateLink status of the deployment to be failed.
Please ensure that there are no associated resources in the deployment before removing the PrivateLink, otherwise it will lead to unpredictable risks.
Go to Deployment Details
Click on the Delete button to the right of the PrivateLink and click on Confirm to complete the deletion.