Create a VPC Endpoint
Preventing the exposure of your traffic outside your VPC and its associated services entails creating endpoints to serve as authorized traffic destinations. This effectively creates an elastic network interface within your subnet where each endpoint’s private IP address serves as entry points for traffic bound to a specific service, such as Dremio. For additional information, see VPC endpoints.
To create a VPC endpoint for Dremio, perform the following steps:
- Navigate to Virtual Private Cloud > Endpoints.
- Click Create Endpoint.
- Under the Service category section, click Find service by name.
- Enter the Service name, as provided in the table below.
- Click Verify to ensure the service name is found.
- If you encounter an issue with the connection, check to ensure the service name is correct. Additionally, make sure your AWS console is in the matching region as the Service name (e.g., US West (Oregon) for
us-west-2)
- If you encounter an issue with the connection, check to ensure the service name is correct. Additionally, make sure your AWS console is in the matching region as the Service name (e.g., US West (Oregon) for
- Select the desired subnets to support with this endpoint. It is okay if all subnets are selected as over-provisioning won’t prevent access–otherwise select the subnet(s) being used to connect to Dremio.
- Disable Enable DNS name, unless your organization is specifically configured to use an AWS DNS Private Hosted Zone. If you are unsure, we recommend disabling “Enable DNS name”.
- Under the Security group section, select or search for the security group you created previously.
- Click Create Endpoint.
Obtaining the Endpoint ID
Once the endpoint has been created, you’ll need to obtain the Endpoint ID, which is used within Dremio Cloud service to fully configure the route traffic will follow.
To locate your Endpoint ID, perform the following steps:
- From VPC > Endpoints, locate the endpoint that you created from the list shown. After creating the endpoint, the status for the endpoint may initially display as pending, and may take several minutes to complete. When complete, it will display as available.
- Click the Subnets tab at the bottom of the screen and verify all associated subnets are fully provisioned and have IPv4 addresses assigned.
- Copy the Endpoint ID for the endpoint, this is needed later within Dremio Cloud to complete the service’s configuration.
Return to the Cloud setup process with the Endpoint ID. If you are currently configuring a manual installation of Dremio, use this in the Cloud Connection step.
Regional Service Names
Refer to the below chart for the service name that matches the AWS region that you are deploying Dremio Cloud.
| AWS Region | Service Name |
|---|---|
| US East (N. Virginia) | com.amazonaws.vpce.us-east-1.vpce-svc-0646dfd77e827498f |
| US East (Ohio) | com.amazonaws.vpce.us-east-2.vpce-svc-0d7d5e03d0d0a1ec0 |
| US West (N. California) | com.amazonaws.vpce.us-west-1.vpce-svc-00c253335234500d5 |
| US West (Oregon) | com.amazonaws.vpce.us-west-2.vpce-svc-03262d9ba3d60bf56 |
| Canada (Central) | com.amazonaws.vpce.ca-central-1.vpce-svc-0290a1584e014863b |
| Europe (Frankfurt) | com.amazonaws.vpce.eu-central-1.vpce-svc-05fc73aaa6755a791 |
| Europe (Ireland) | com.amazonaws.vpce.eu-west-1.vpce-svc-06058933a08c6c279 |
| Europe (London) | com.amazonaws.vpce.eu-west-2.vpce-svc-05dab50fd13de8a29 |
| Europe (Paris) | com.amazonaws.vpce.eu-west-3.vpce-svc-043466a3d25284211 |