IBM Cloud Docs
Configuring private endpoints

Configuring private endpoints

NPSaaS network architecture diagram
Image 1. Connectivity flow from a customer on-premises instance to customer cloud to Private Link to NPSaaS as a Service.

Configuring private endpoints for Azure

If you want to connect to your NPSaaS instance on Azure by using Azure PrivateLink, you must create private endpoints in your Azure subscriptions.

  1. Provide your subscription IDs.

    When you create your private endpoint connection, the private link service must approve the request. If you provide the subscription IDs in which they are to be created, your request is approved automatically.

    • If you deployed your instance with private endpoints only, you provided your subscription IDs during provisioning, in step 9. Configure advanced features.

    • If you deployed your instance with public and private endpoints and did not provide your subscription IDs during provisioning, log in to the web console by using the public endpoint and set up the private link service.

      1. Log in to the web console.

      2. Go to Administration > Settings > Private endpoints.

      3. Click Create Private Link.

      4. Type the subscription IDs that you want to use to set up the private endpoints in your Azure account.

        Use the Private Link page to update subscription IDs after private link is created.

      Connecting to NPSaaS
      Image 2. Configure advanced features during provisioning.

  2. Get resource ID or alias. You can get the resource ID either from the NPSaaS web console or the IBM Cloud catalog.

    • The NPSaaS web console:

      1. Log in to the web console.
      2. Go to Administration > Settings > Private endpoints.
      3. Click Create Private Link.

    • The IBM Cloud catalog:

      1. Log in to your IBM Cloud account.
      2. Go to Private endpoints > Service instance details.

  3. Create private endpoints.

    Follow the instructions described in Create a private endpoint.

    During Step 5, when you are in the Resource pane, select Connect to an Azure resource by resource ID or alias and enter the resource ID or alias you retrieved in 2. Get resource ID or alias.

    When the private endpoints are created, the status automatically changes to Approved. A private IP is assigned to each of your private endpoints. The IPs are displayed in Microsoft Azure Portal. Use these details to log in to your instace by using private endpoints.

Configuring private endpoints for AWS

To connect to your NPSaaS on AWS by using AWS PrivateLink, you must create private endpoints in your AWS subscription.

  1. Provide your service principals.

    When you create your private endpoint connection, the private link service must approve the request. Your request is approved automatically if you provide the service principals in which they are to be created.

    • If you deployed your instance with private endpoints, you must have provided your service principals during provisioning, in step 9. Configure advanced features.

    Connecting to NPSaaS
    Image 3. Configure advanced features during provisioning.

  2. Create private endpoints.

    Follow the instructions described in Create a private endpoint.

    When the private endpoints are created, a private hostname is assigned to each of your private endpoints. Use these details to log in to your instace by using private endpoints.