IBM Cloud Docs
FAQs for virtual private endpoints

FAQs for virtual private endpoints

You might encounter the following frequently asked questions when you use IBM Cloud Virtual Private Endpoints (VPE) for VPC.

Can I map IBM Cloud services to a VPE from the service catalog?

IBM Cloud services cannot be mapped to a VPE from the service catalog during the time of purchase.

Can I map an IBM Cloud service to a Public endpoint?

Public endpoints of IBM Cloud services are not eligible for VPE. VPE can be mapped only to a private endpoint of IBM Cloud services.

Is a VPE created in high-availability mode?

A VPE is not created in high-availability (HA) mode, by default. HA comes primarily from the IBM Cloud service.

Can I access an IBM Cloud service by using a private service endpoint IP address?

When an IBM Cloud service is created, IBM Cloud DNS Services are automatically set up to resolve the IBM Cloud service FQDN to the IBM Cloud private service address.

When a VPE is created, VPE assigns a reserved IP with which you can access the IBM Cloud service. It is recommended to use the reserved IP instead of the IBM Cloud private service endpoint.

Does mapping an IBM Cloud service to an IP address on a VPC network make the service private?

Mapping an IBM Cloud service to an IP address on a VPC network does not make the service private. For example, if a service has a public endpoint, you can still access the public endpoint after the service is mapped.

Does controlling access to an IP on a VPC network that is mapped to a service control access to the mapped service?

Controlling access to an IP address on a VPC network that is mapped to an IBM Cloud service does not control the access to the mapped service itself.

Is there a limit to the number of IP addresses I can bind to an endpoint gateway?

When the reserved IP address that is bound to the endpoint gateway is source NATed on the VPC gateway, it is done by using IP masquerading on the port. As the number of IP addresses bound to the endpoint gateway grows, the number of available ports to masquerade might become a concern.

How many IP addresses can I use for NAT operations on the VPC gateway?

A finite pool of IP addresses is used for NAT operations on the VPC gateway. One IP address is required per VPC per zone.