Accessing virtual private endpoints in specific regions
After you create your VPC, you can create a virtual private endpoint (VPE) to connect to Key Protect for your data encryption needs. The VPE allows you to access Key Protect within your VPC network.
You can configure the VPE to use IP addresses of your choice from a subnet within your VPC. VPEs bind to a VPE gateway and serve as an intermediary that enables your workload to interact with Key Protect.
Before you begin
Before you target a VPE for Key Protect:
- Make sure that you have provisioned a Virtual Private Cloud.
- Make sure that you have conducted planning for Virtual Private Endpoints.
- Make sure that you set the correct access controls for your VPE.
- Understand the limitations of having a VPE.
- Make sure that you created a VPE gateway and understand how to access it.
- Understand how to view details of a VPE.
You might need to manually update VPE settings, specifically the Internet Protocol (IP) address, during Disaster recovery and business continuity actions.
Virtual Private Service Endpoints
The following table lists regions where Key Protect supports VPE. It also lists the Key Protect endpoints that are supported from each region. You can connect to Key Protect in another region by using supported endpoints. For example, from the
Sydney region, you can use Key Protect in the us-south region by using the us-south endpoint.
When you connect to a VPE by using the CLI or API, specify the CRN of the region that you use to connect to Key Protect. Use the following table to locate the CRN of the target region.
| Region | Endpoints Supported in Region | CRN |
|---|---|---|
| Dallas | ||
private.us-south.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-south:::endpoint:private.us-south.kms.cloud.ibm.com |
|
private.us-east.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-east:::endpoint:private.us-east.kms.cloud.ibm.com |
|
private.eu-gb.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-gb:::endpoint:private.eu-gb.kms.cloud.ibm.com |
|
private.eu-de.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-de:::endpoint:private.eu-de.kms.cloud.ibm.com |
|
private.au-syd.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:au-syd:::endpoint:private.au-syd.kms.cloud.ibm.com |
|
private.jp-tok.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:jp-tok:::endpoint:private.jp-tok.kms.cloud.ibm.com |
|
| Washington | ||
private.us-south.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-south:::endpoint:private.us-south.kms.cloud.ibm.com |
|
private.us-east.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-east:::endpoint:private.us-east.kms.cloud.ibm.com |
|
private.eu-gb.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-gb:::endpoint:private.eu-gb.kms.cloud.ibm.com |
|
private.eu-de.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-de:::endpoint:private.eu-de.kms.cloud.ibm.com |
|
private.au-syd.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:au-syd:::endpoint:private.au-syd.kms.cloud.ibm.com |
|
private.jp-tok.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:jp-tok:::endpoint:private.jp-tok.kms.cloud.ibm.com |
|
| Sydney | ||
private.us-south.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-south:::endpoint:private.us-south.kms.cloud.ibm.com |
|
private.us-east.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-east:::endpoint:private.us-east.kms.cloud.ibm.com |
|
private.eu-gb.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-gb:::endpoint:private.eu-gb.kms.cloud.ibm.com |
|
private.eu-de.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-de:::endpoint:private.eu-de.kms.cloud.ibm.com |
|
private.au-syd.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:au-syd:::endpoint:private.au-syd.kms.cloud.ibm.com |
|
private.jp-tok.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:jp-tok:::endpoint:private.jp-tok.kms.cloud.ibm.com |
|
| Tokyo | ||
private.us-south.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-south:::endpoint:private.us-south.kms.cloud.ibm.com |
|
private.us-east.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-east:::endpoint:private.us-east.kms.cloud.ibm.com |
|
private.eu-gb.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-gb:::endpoint:private.eu-gb.kms.cloud.ibm.com |
|
private.eu-de.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-de:::endpoint:private.eu-de.kms.cloud.ibm.com |
|
private.au-syd.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:au-syd:::endpoint:private.au-syd.kms.cloud.ibm.com |
|
private.jp-tok.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:jp-tok:::endpoint:private.jp-tok.kms.cloud.ibm.com |
|
| London | ||
private.us-south.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-south:::endpoint:private.us-south.kms.cloud.ibm.com |
|
private.us-east.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-east:::endpoint:private.us-east.kms.cloud.ibm.com |
|
private.eu-gb.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-gb:::endpoint:private.eu-gb.kms.cloud.ibm.com |
|
private.eu-de.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-de:::endpoint:private.eu-de.kms.cloud.ibm.com |
|
private.au-syd.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:au-syd:::endpoint:private.au-syd.kms.cloud.ibm.com |
|
private.jp-tok.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:jp-tok:::endpoint:private.jp-tok.kms.cloud.ibm.com |
|
| Frankfurt | ||
private.us-south.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-south:::endpoint:private.us-south.kms.cloud.ibm.com |
|
private.us-east.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:us-east:::endpoint:private.us-east.kms.cloud.ibm.com |
|
private.eu-gb.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-gb:::endpoint:private.eu-gb.kms.cloud.ibm.com |
|
private.eu-de.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:eu-de:::endpoint:private.eu-de.kms.cloud.ibm.com |
|
private.au-syd.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:au-syd:::endpoint:private.au-syd.kms.cloud.ibm.com |
|
private.jp-tok.kms.cloud.ibm.com |
crn:v1:bluemix:public:kms:jp-tok:::endpoint:private.jp-tok.kms.cloud.ibm.com |