Connect to Lumi through AWS PrivateLink
If your security requirements prevent you from transmitting data over the public internet, you can use AWS PrivateLink to establish a private, secure connection to Imply Lumi. AWS PrivateLink lets your AWS virtual private cloud (VPC) communicate with Lumi over private IP addresses, keeping all traffic on the AWS network.
To send events through AWS PrivateLink, you create a VPC endpoint that targets the Lumi endpoint service. The endpoint provides a private connection between your VPC and Lumi. Traffic flows through AWS PrivateLink from your VPC to the Lumi Network Load Balancer (NLB), and then to the Lumi service backend.
All traffic that flows through AWS PrivateLink incurs interface endpoint expenses. For information on interface endpoint pricing, see AWS PrivateLink pricing.
This topic describes how to set up an AWS PrivateLink connection to send events to Lumi.
Prerequisites
To set up DNS with a VPC, verify that your VPC network attributes enableDnsHostnames and enableDnsSupport are set to true.
For more information, refer to the official AWS documentation on DNS attributes.
Create a VPC endpoint
Create a VPC endpoint that points to the Lumi VPC endpoint service:
- Follow the steps in the AWS documentation to create an interface VPC endpoint.
- Select the following options:
  - For Type, select Endpoint services that use NLBs and GWLBs. This option lets you connect to the endpoint service provided by Lumi.
  - For Service name, enter one of the following options. Use the option that corresponds to your Lumi region.

    | Lumi region | Service name |
    | --- | --- |
    | us1 | com.amazonaws.vpce.us-east-1.vpce-svc-00d9d61e24a50a549 |
    | us2 | com.amazonaws.vpce.us-west-2.vpce-svc-085ac8daec4bf677e |
    | ap1 | com.amazonaws.vpce.ap-northeast-1.vpce-svc-06361418d05a8d008 |
    | ap2 | com.amazonaws.vpce.ap-northeast-2.vpce-svc-04aacc14f033d5ae6 |
    | ap3 | com.amazonaws.vpce.ap-southeast-7.vpce-svc-00f9cbd0dfe42bb5b |

- Click Verify service to verify that the service name is correct.
- Click Create endpoint. This creates a VPC endpoint in the pendingAcceptance state.
- Contact your Imply representative to approve the connection request.
  Imply must accept the connection request to grant your VPC endpoint access to Lumi services.
  After Imply accepts the request, the VPC endpoint enters the Available state.
Enable a private DNS name
To route requests from public service endpoints to your VPC endpoint, enable a private DNS name for your VPC endpoint.
Follow the AWS PrivateLink documentation to enable private DNS names for your VPC endpoint.
Once the update completes, the endpoint status in the AWS console will change to Available.
After this, you should be able to access Lumi from within your VPC.
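The console procedure above, scripted with the AWS CLI as an added example; it is not Imply's own tooling. The function names and the environment variables (LUMI_REGION, VPC_ID, SUBNET_ID, SG_ID) are hypothetical, and it assumes the AWS CLI is already configured for the AWS region that matches your Lumi region.

```bash
# Added example: all resource IDs are caller-supplied placeholders.
# Lumi region -> endpoint service name, as listed on this page.
lumi_service_name() {
  case "$1" in
    us1) echo "com.amazonaws.vpce.us-east-1.vpce-svc-00d9d61e24a50a549" ;;
    us2) echo "com.amazonaws.vpce.us-west-2.vpce-svc-085ac8daec4bf677e" ;;
    ap1) echo "com.amazonaws.vpce.ap-northeast-1.vpce-svc-06361418d05a8d008" ;;
    ap2) echo "com.amazonaws.vpce.ap-northeast-2.vpce-svc-04aacc14f033d5ae6" ;;
    ap3) echo "com.amazonaws.vpce.ap-southeast-7.vpce-svc-00f9cbd0dfe42bb5b" ;;
    *) echo "unknown Lumi region: $1" >&2; return 1 ;;
  esac
}

# Prerequisite: enableDnsSupport and enableDnsHostnames must both be true.
vpc_dns_ready() {  # arg: vpc-id
  local pair val
  for pair in enableDnsSupport:EnableDnsSupport enableDnsHostnames:EnableDnsHostnames; do
    val=$(aws ec2 describe-vpc-attribute --vpc-id "$1" --attribute "${pair%%:*}" \
      --query "${pair##*:}.Value" --output text) || return 1
    [ "$(printf '%s' "$val" | tr '[:upper:]' '[:lower:]')" = "true" ] || return 1
  done
}

# Create the interface endpoint with private DNS off; it starts in pendingAcceptance.
create_lumi_endpoint() {  # args: lumi-region vpc-id subnet-id security-group-id
  local svc; svc=$(lumi_service_name "$1") || return 1
  aws ec2 create-vpc-endpoint --vpc-endpoint-type Interface --vpc-id "$2" \
    --service-name "$svc" --subnet-ids "$3" --security-group-ids "$4" \
    --no-private-dns-enabled --query 'VpcEndpoint.VpcEndpointId' --output text
}

# Enable private DNS only once Imply has accepted the request (state Available).
enable_private_dns() {  # arg: vpc-endpoint-id; returns 2 while still pending
  local state
  state=$(aws ec2 describe-vpc-endpoints --vpc-endpoint-ids "$1" \
    --query 'VpcEndpoints[0].State' --output text) || return 1
  case "$(printf '%s' "$state" | tr '[:upper:]' '[:lower:]')" in
    available) aws ec2 modify-vpc-endpoint --vpc-endpoint-id "$1" --private-dns-enabled ;;
    pendingacceptance) echo "endpoint $1 still awaiting acceptance by Imply" >&2; return 2 ;;
    *) echo "unexpected endpoint state: $state" >&2; return 1 ;;
  esac
}

# Runs only when the caller exports LUMI_REGION, VPC_ID, SUBNET_ID and SG_ID.
if [ -n "${LUMI_REGION:-}" ] && [ -n "${VPC_ID:-}" ]; then
  vpc_dns_ready "$VPC_ID" || { echo "set both DNS attributes on $VPC_ID" >&2; exit 1; }
  create_lumi_endpoint "$LUMI_REGION" "$VPC_ID" "$SUBNET_ID" "$SG_ID"
fi
```

Run `enable_private_dns` with the returned endpoint ID after your Imply representative confirms acceptance; exit status 2 means the request is still pending.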