Using service endpoints to privately connect to IBM Cloud Logs Routing

Before you begin

You can connect to IBM Cloud Logs Routing over a private network by using IBM Cloud private service endpoints (CSE). For more information about CSEs, see the documentation for using service endpoints.

• When you use the classic infrastructure, you connect to resources in your account over the IBM Cloud public network by default. You can enable virtual routing and forwarding (VRF) to move IP routing for your account and all of its resources into a separate routing table. If VRF is enabled, you can then enable IBM Cloud service endpoints to connect directly to resources without using the public network. Enabling VRF and service endpoints.

• Virtual Private Clouds (VPCs) are automatically enabled for virtual routing and forwarding (VRF). To enable service endpoints for your VPC, continue to Enabling service endpoints.

You must first enable virtual routing and forwarding in your account, and then, you can enable the use of IBM Cloud private service endpoints.

ibmcloud account show

ibmcloud account update --service-endpoint-enable true

Setting up service endpoints for IBM Cloud Logs Routing

You can connect to IBM Cloud Logs Routing management API by using either a public endpoint or a private endpoint. A public endpoint can be reached over the internet, whereas a private endpoint can be accessed only from within the IBM Cloud private network.

The ingestion API supports only private endpoints and is therefore not accessible from the public internet.

By default, private and public endpoints are enabled. For more information about supported endpoints, see Endpoints.

Disabling public service endpoints for IBM Cloud Logs Routing

You cannot disable public endpoints.

Disabling private service endpoints

You cannot disable private endpoints.