No results for ""
EXPAND ALL
  • Home
  • API docs

AWS PrivateLink

Read time: 2 minutes
Last edited: Dec 14, 2024
The AWS PrivateLink integration is available to customers on select plans

The AWS PrivateLink integration is only available to customers on select plans. To learn more, read about our pricing. To upgrade your plan, contact Sales.

Overview

This topic explains how to configure and use the PrivateLink integration for LaunchDarkly.

The PrivateLink integration lets you configure AWS PrivateLink to route your event egress traffic through the AWS network backbone. Sending event egress traffic through PrivateLink can significantly reduce NAT Gateway and internet data transfer costs. Additionally, it lets you enforce stricter egress firewalls because none of the traffic to LaunchDarkly will traverse the public internet.

Prerequisites

Before you can configure PrivateLink, we'll need to add your AWS account to our allowlist. Contact your LaunchDarkly account manager or our Support team to get started.

Region availability

The LaunchDarkly PrivateLink integration is available in the following AWS regions and availability zones:

  • us-east-1
    • us-east-1d (use1-az1)
    • us-east-1a (use1-az2)
    • us-east-1e (use1-az3)
    • us-east-1b (use1-az4)
    • us-east-1f (use1-az5)
    • us-east-1c (use1-az6)

Note that for other regions, you can use VPC Peering

Configure the LaunchDarkly integration in the AWS Console

Infrastructure as Code

This section describes how you use the AWS Console to configure the integration. You can also use Terraform or CloudFormation to configure the integration.

To configure the integration in the AWS Console:

  1. Go to the AWS VPC Console in the us-east-1 region.
  2. Click on Endpoints in the left navigation pane.
  3. Click the Create Endpoint button in the top right. The Create Endpoint page appears.
  4. Enter your endpoint name, select "PrivateLink Ready partner services" as the category, enter com.amazonaws.vpce.us-east-1.vpce-svc-02ce0367b7e976a75 as the service name, and click Verify Service.
The "Service Name" portion of the "Create Endpoint" form.
The "Service Name" portion of the "Create Endpoint" form.
  1. Select the VPC to connect to the endpoint from.
  2. Select "Enable DNS Name" in Additional Settings. This enables events.launchdarkly.com to resolve to this endpoint from within this VPC.
The "Enable DNS Name" setting.
The "Enable DNS Name" setting.
  1. Select subnets to use for the Availability Zones that you would like the endpoint to exist in.
  2. Select or create a Security Group that will allow inbound access on port 443 from the VPC.
  3. Click Create Endpoint. The endpoint enters a Pending state. When the endpoint has been provisioned and becomes Available, traffic will begin to route through it.

To learn more, read Interface Endpoint Configuration and CloudWatch metrics for PrivateLink.