AWS PrivateLink is a networking service provided by Amazon Web Services (AWS) that allows you to securely access services hosted on the AWS cloud over a private network connection. With AWS PrivateLink, you can access Axiom directly from your AWS without an internet gateway or NAT device, simplifying your network setup.
Cross-region support
Axiom supports native cross-region PrivateLink for the following regions:
| Axiom edge deployment | Supported PrivateLink regions |
|---|---|
US East 1 (AWS) |
us-east-1us-east-2us-west-1us-west-2eu-west-1eu-west-2eu-west-3eu-central-1ca-central-1 |
EU Central 1 (AWS) |
eu-central-1eu-north-1 |
To connect to a region that isn't listed above, contact Axiom.
For more information, see Edge deployments.
Setup
Use the service details for your edge deployment to set up the VPC endpoint.
| Axiom edge deployment | PrivateLink service name | PrivateLink service region |
|---|---|---|
US East 1 (AWS) |
com.amazonaws.vpce.us-east-1.vpce-svc-05a64735cdf68866b |
us-east-1 |
EU Central 1 (AWS) |
com.amazonaws.vpce.eu-central-1.vpce-svc-00e8d47e8c60784f7 |
eu-central-1 |
- In your VPC Console, go to PrivateLink and Lattice > Endpoints, and then click Create endpoint.
- Select PrivateLink ready partner services, and then enter the service name for your edge deployment.
- Under Service Region, turn on Cross-region endpoint, and then select the service region for your edge deployment. This is the region where the Axiom service is hosted, and it's independent of your VPC's region.
- Click Verify service.
- Select the VPC and subnets that you want to connect to the Axiom VPC service endpoint. Ensure that Enable DNS name is turned on and the security group accepts inbound traffic on TCP port
443. - Finish the setup and wait for the VPC endpoint to become available. This usually takes 10 minutes.