We are adding support for PrivateLink for all our customers using Azure. PrivateLink lets you connect securely from the servers in your resource group to the AMQP brokers on CloudAMQP. The data is secure and never leaves the Azure network.
With PrivateLink, you can connect to a CloudAMQP cluster as if they were in the same local network. PrivateLink is enabled in the CloudAMQP console, which creates a PrivateLink Service in the VPC where the brokers live. Then you create a PrivateLink in your resource group and connect it to CloudAMQP, which will add a new network interface inside your resource group and you use that to communicate with the brokers instead. So, rather than connect to the broker using the default hostname, you connect to the IP of that local network interface, which forwards all traffic over PrivateLink to the broker.
You can connect more than one resource group simply by adding a PrivateLink resource to each group. They don't even have to be in the same region as the CloudAMQP brokers.
How to enable PrivateLink
Go to the CloudAMQP Console and navigate to the list of all instances. Click Edit and then PrivateLink, as shown in the diagram below.
This menu displays the option to enable PrivateLink. Don’t forget to click Save.
A new menu item will appear, called PrivateLink, including all configuration settings.
Enabling PrivateLink takes somewhere between 1-3 minutes, and the setup time may vary depending on how your cluster is currently configured.
Note: If your cluster was set up before 2022-01-31, the setup will take more time and it will also require downtime for each server in the resource group. The reason for this is that the network interface must be reconfigured for each server and that requires downtime.
Once everything is configured and the PrivateLink Service is up and running, it’s time to specify who should have access. In Azure PrivateLink, access can only be allowed by identifying the subscription ID, but multiple IDs can be listed. Once you have added a subscription ID to the allow list, you can create a PrivateLink resource in that subscription and connect. All PrivateLink connections are listed in the UI.
Pricing
The cost for PrivateLink is $99/month, but as with all our other products, you only pay what you use. If you stop using PrivateLink after 10 days you only pay for 10 days, and so on.
For more information on Azure PrivateLink, go to https://docs.microsoft.com/en-us/azure/private-link/private-link-overview
If you have any questions about the setup process and the extra time required, reach out to our support team and they will help out!
Until next time,
/Magnus Landerblom and the CloudAMQP team
