Skip to content

Commit

Permalink
Fixed all links in AWS, GCP VPC connection docs.
Browse files Browse the repository at this point in the history
  • Loading branch information
@jramnara
jramnara committed Mar 29, 2024
1 parent 4b36846 commit 894d9a1
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 32 deletions.
26 changes: 12 additions & 14 deletions docs/Using AWS GCP private VPC connections/Setting up AWS Private Link.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,18 +28,15 @@ AWS PrivateLink can be enabled using the SkySQL Portal, SkySQL DBaaS API, or Sky

### **Enable AWS PrivateLink on Service Launch**

To enable AWS PrivateLink when launching a new service via the SkySQL Portal:

1. Initiate service launch using the procedure at [Service Launch](https://mariadb.com/docs/skysql-dbaas/service-management/nr-launch/).
2. When you get to the final "Security" section, select "Enable Private Link".
To enable AWS PrivateLink when launching a new service via the SkySQL Portal all you need to do is select the 'Enable Private link' option in the 'Security' section.

For the next step, see the [AWS Endpoint Setup](#aws-endpoint-setup) section on this page.

### **Enable AWS PrivateLink on Existing SkySQL Service**

To enable AWS PrivateLink for an existing service via the SkySQL Portal:

1. Log in to the [Portal](https://mariadb.com/docs/skysql-dbaas/working/nr-portal/).
1. Log in to the SkySQL Portal
2. Click the "MANAGE" button (at right) for the desired service.
3. In the context menu, choose the "Set up Private Link" menu item.
4. In the popup window, add one or more AWS account IDs.
Expand All @@ -58,7 +55,7 @@ To disable AWS PrivateLink via the SkySQL Portal:
5. In the popup window, click "I want to disconnect my Private Link".
6. In the popup window, select "Disconnect".
7. After the service restarts, PrivateLink is disabled.
8. Since the service's allowlist was cleared when AWS PrivateLink was previously enabled, you will need to [update the allowlist](https://mariadb.com/docs/skysql-dbaas/security/nr-firewall/#Add_to_the_Allowlist) to allow clients to connect after disabling PrivateLink.
8. Since the service's allowlist was cleared when AWS PrivateLink was previously enabled, you will need to [update the allowlist](../Security/Configuring%20Firewall.md) to allow clients to connect after disabling PrivateLink.

## AWS Endpoint Setup

Expand Down Expand Up @@ -96,7 +93,7 @@ The newly created endpoint now authorizes the internal IPs or security groups th

To enable AWS PrivateLink when launching a new service via the SkySQL DBaaS API:

1. Initiate service launch using the procedure at "[DBaaS API Launch Walkthrough](https://mariadb.com/docs/skysql-dbaas/nr-quickstart/dbaas-api-launch-walkthrough/)".
1. Initiate service launch using the procedure at "[DBaaS API Launch Walkthrough](../Quickstart/Launch%20DB%20using%20the%20REST%20API.md).
2. When you are creating the request, add the `"endpoint_mechanism"` and `"endpoint_allowed_accounts"` attributes to the JSON payload:
1.

Expand All @@ -111,7 +108,7 @@ To enable AWS PrivateLink when launching a new service via the SkySQL DBaaS API:
- Set `"endpoint_mechanism"` to `"privateconnect"`
- Set `"endpoint_allowed_accounts"` to a JSON array of one or more customer account IDs in AWS that will be allowed to establish a private connection to the SkySQL service

For the next step, see the [Connectivity](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#Connectivity), [Controls](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#Controls), & [AWS Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#AWS_Endpoint_Setup) sections on this page.
For the next step, go through the AWS Endpoint setup section.

### **Enable AWS PrivateLink on Existing SkySQL Service**

Expand Down Expand Up @@ -175,7 +172,7 @@ The output will look something like this, though your values will vary:

If you are not using `jq`, scan (or parse) the full returned JSON data to ensure the service status is "ready" and find the associated values described above.

For the next step, see the [Connectivity](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#Connectivity)[Controls](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#Controls), & [AWS Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#AWS_Endpoint_Setup) sections on this page.
For the next step, go through the AWS Endpoint Setup section.

### **Disable AWS PrivateLink**

Expand Down Expand Up @@ -253,15 +250,16 @@ curl -H "Authorization: Bearer ${API_KEY}" \

## Setup AWS Private link using Terraform Provider

For general instructions on using the SkySQL Terraform Provider, see "[Terraform Launch Walkthrough](https://mariadb.com/docs/skysql-dbaas/nr-quickstart/terraform-launch-walkthrough/)".
For general instructions on using the SkySQL Terraform Provider, see "[Terraform Launch Walkthrough](../Quickstart/Launch%20DB%20using%20the%20Terraform%20Provider.md)

For an example Terraform configuration that enables AWS PrivateLink, see Resources section [here](../Quickstart/Launch%20DB%20using%20the%20Terraform%20Provider.md).

For an example Terraform configuration that enables AWS PrivateLink, see "[https://github.com/mariadb-corporation/terraform-provider-skysql/tree/main/examples/privateconnect](https://github.com/mariadb-corporation/terraform-provider-skysql/tree/main/examples/privateconnect)".

### **Enable AWS PrivateLink on Service Launch**

To enable AWS PrivateLink when launching a new service via the SkySQL Terraform provider:

1. Initiate service launch using the procedure at "[Terraform Launch Walkthrough](https://mariadb.com/docs/skysql-dbaas/nr-quickstart/terraform-launch-walkthrough/)".
1. Initiate service launch using the procedure at "[Terraform Launch Walkthrough](../Quickstart/Launch%20DB%20using%20the%20Terraform%20Provider.md) .
2. When you are configuring the `skysql_service` resource, add the `endpoint_mechanism` and `endpoint_allowed_accounts` attributes.

For example, the attributes can be placed after `ssl_enabled`:
Expand All @@ -276,7 +274,7 @@ To enable AWS PrivateLink when launching a new service via the SkySQL Terraform
- Set `endpoint_allowed_accounts` to a comma-separated list of one or more customer account IDs in AWS that will be allowed to establish a private connection to the SkySQL service
3. Continue the rest of the procedure.

For the next step, see the [AWS Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#AWS_Endpoint_Setup) sections on this page.
For the next step, see the AWS Endpoint Setup section on this page.

### **Enable AWS PrivateLink on Existing SkySQL Service**

Expand All @@ -293,7 +291,7 @@ To enable AWS PrivateLink for an existing service via the SkySQL Terraform provi
```
For the next step, see the [AWS Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-aws-privatelink/#AWS_Endpoint_Setup) sections on this page.
For the next step, see the AWS Endpoint Setup section on this page.
### **Disable AWS PrivateLink**
Expand Down
37 changes: 19 additions & 18 deletions ...Using AWS GCP private VPC connections/Setting up GCP Private Service Connect.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,32 +29,33 @@ To enable GCP Private Service Connect when launching a new service via the SkySQ

- When you get to the final "Security" section, select "Enable Private Service Connect".

For the next step, see the [GCP Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-gcp-private-service-connect/#GCP_Endpoint_Setup) sections on this page.
For the next step, see the [GCP Endpoint Setup](#gcp-endpoint-setup) sections on this page.


### **Enable GCP Private Service Connect on Existing SkySQL Service**

To enable GCP Private Service Connect for an existing service via the SkySQL Portal:

1. Log in to the [Portal](https://mariadb.com/docs/skysql-dbaas/working/nr-portal/).
1. Log in to the SkySQL Portal.
2. Click the "MANAGE" button (at right) for the desired service.
3. In the context menu, choose the "Set up Private Service Connect" menu item.
4. In the popup window, add one or more GCP project IDs.
5. Click the "OK" button to confirm this operation.

For the next step, see the [GCP Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-gcp-private-service-connect/#GCP_Endpoint_Setup) sections on this page.
For the next step, see the [GCP Endpoint Setup](#gcp-endpoint-setup) sections on this page.

### **Disable GCP Private Service Connect**

To disable GCP Private Service Connect via the SkySQL Portal:

1. Visit the [SkySQL Portal](https://mariadb.com/docs/skysql-dbaas/working/nr-portal/)
1. Visit the SkySQL Portal.
2. Find the service that you would like to modify.
3. Click "MANAGE" on the far right side of the service listing.
4. In the context menu, select "Manage Private Service Connect".
5. In the popup window, click "I want to disconnect my Private Service Connect".
6. In the popup window, select "Disconnect".
7. After the service restarts, Private Service Connect is disabled.
8. Since the service's allowlist was cleared when GCP Private Service Connect was previously enabled, you will need to [update the allowlist](https://mariadb.com/docs/skysql-dbaas/security/nr-firewall/#Add_to_the_Allowlist) to allow clients to connect after disabling Private Service Connect.
8. Since the service's allowlist was cleared when GCP Private Service Connect was previously enabled, you will need to [update the allowlist](../Security/Configuring%20Firewall.md) to allow clients to connect after disabling Private Service Connect.

## GCP Endpoint Setup

Expand Down Expand Up @@ -91,21 +92,21 @@ We recommend use of a subnet dedicated to Private Service Connect endpoints in t
1. In the GCP console, navigate Network services → Private Service Connect → CONNECTED ENDPOINTS → CONNECT ENDPOINT.

2. Configure the endpoint connection:
Target: Published service
Target service: the value of the "Fully Qualified Domain Name" in the "Connect" window from SkySQL portal.
Endpoint name: set to the Database ID from SkySQL (dbxxxxxxxx)
Network: select the VPC network where the application is running
Subnetwork: select the subnet where the static internal IP address is reserved
IP address: select the reserved internal IP address from the prior step
Click "ADD ENDPOINT".
- Target: Published service
- Target service: the value of the "Fully Qualified Domain Name" in the "Connect" window from SkySQL portal.
- Endpoint name: set to the Database ID from SkySQL (dbxxxxxxxx)
- Network: select the VPC network where the application is running
- Subnetwork: select the subnet where the static internal IP address is reserved
- IP address: select the reserved internal IP address from the prior step
- Click "ADD ENDPOINT".

## Setting up GCP PSC using SkySQL REST API

### **Enable GCP PSC on Service Launch**

To enable GCP Private Service Connect when launching a new service via the SkySQL DBaaS API:

1. Initiate service launch using the procedure at "[DBaaS API Launch Walkthrough](https://mariadb.com/docs/skysql-dbaas/nr-quickstart/dbaas-api-launch-walkthrough/)".
1. Initiate service launch using the procedure at "[DBaaS API Launch Walkthrough](../Quickstart/Launch%20DB%20using%20the%20REST%20API.md)".
2. When you are creating the request, add the `"endpoint_mechanism"` and `"endpoint_allowed_accounts"` attributes to the JSON payload:

```json
Expand All @@ -119,7 +120,7 @@ To enable GCP Private Service Connect when launching a new service via the SkySQ
- Set `"endpoint_mechanism"` to `"privateconnect"`
- Set `"endpoint_allowed_accounts"` to a JSON array of one or more customer project IDs in GCP that will be allowed to establish a private connection to the SkySQL service

For the next step, see the [GCP Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-gcp-private-service-connect/#GCP_Endpoint_Setup) sections on this page.
For the next step, see the [GCP Endpoint Setup](#gcp-endpoint-setup) sections on this page.

### **Enable GCP Private Service Connect on Existing SkySQL Service**

Expand Down Expand Up @@ -183,7 +184,7 @@ The output will look something like this, though your values will vary:

If you are not using `jq`, scan (or parse) the full returned JSON data to ensure the service status is "ready" and find the associated values described above.

For the next step, see the [GCP Endpoint Setup](https://mariadb.com/docs/skysql-dbaas/security/nr-private-connections/nr-gcp-private-service-connect/#GCP_Endpoint_Setup) sections on this page.
For the next step, see the [GCP Endpoint Setup](#gcp-endpoint-setup) sections on this page.

### **Disable GCP PSC**

Expand Down Expand Up @@ -263,15 +264,15 @@ curl -H "Authorization: Bearer ${API_KEY}" \

GCP Private Service Connect can be enabled with Terraform using the SkySQL Terraform provider.

For general instructions on using the SkySQL Terraform Provider, see "[Terraform Launch Walkthrough](https://mariadb.com/docs/skysql-dbaas/nr-quickstart/terraform-launch-walkthrough/)".
For general instructions on using the SkySQL Terraform Provider, see "[Terraform Launch Walkthrough](../Quickstart/Launch%20DB%20using%20the%20Terraform%20Provider.md) .

For an example Terraform configuration that enables GCP Private Service Connect, see "[https://github.com/mariadb-corporation/terraform-provider-skysql/tree/main/examples/private-service-connect](https://github.com/mariadb-corporation/terraform-provider-skysql/tree/main/examples/private-service-connect)".
For an example Terraform configuration that enables GCP Private Service Connect, see Resources section [here](../Quickstart/Launch%20DB%20using%20the%20Terraform%20Provider.md) .

### **Enable GCP Private Service Connect on Service Launch**

To enable GCP Private Service Connect when launching a new service via the SkySQL Terraform provider:

1. Initiate service launch using the procedure at "[Terraform Launch Walkthrough](https://mariadb.com/docs/skysql-dbaas/nr-quickstart/terraform-launch-walkthrough/)".
1. Initiate service launch using the procedure at "[Terraform Launch Walkthrough](../Quickstart/Launch%20DB%20using%20the%20Terraform%20Provider.md).
2. When you are configuring the `skysql_service` resource, add the `endpoint_mechanism` and `endpoint_allowed_accounts` attributes:

For example, the attributes can be placed after `ssl_enabled`:
Expand Down

0 comments on commit 894d9a1

Please sign in to comment.