Skip to main content

Creating a VPC Endpoint

Preventing the exposure of your traffic outside your VPC and its associated services entails creating endpoints to serve as authorized traffic destinations. This effectively creates an elastic network interface within your subnet where each endpoint's private IP address serves as entry points for traffic bound to a specific service, such as Dremio. For additional information, see VPC endpoints.

To create a VPC endpoint for Dremio, perform the following steps:

  1. Go to the AWS Management Console and sign in with your credentials.

  2. Navigate to Services > Networking & Content Delivery > VPC.

  3. Select Endpoints from the side navigation bar.

  4. Click the Create endpoint button in the top right.

  5. On the Create endpoint page, set the following:

    a. (Optional) For Name tag, enter a name for your endpoint.

    b. Under Service category, select Other endpoint services.

    c. Under Service settings, enter the service name that matches your AWS region, as provided in the Regional Service Names table below.

    d. Click the Verify service button to ensure the service name is found. If you encounter an issue with the connection, check to ensure the service name is correct and make sure your AWS console is in the matching region as the Service name (e.g., US West (Oregon) for us-west-2).

    e. For Subnets, check the box next to your availability zone, select the desired subnets to support with this endpoint, and select your IP address type. It is okay if all subnets are selected as over-provisioning as it won't prevent access--otherwise select the subnet(s) being used to connect to Dremio.

    f. Disable Enable DNS name, unless your organization is specifically configured to use an AWS DNS Private Hosted Zone. If you are unsure, we recommend disabling "Enable DNS name".

    g. For Security group, check the box next to the security group to select.

  6. Click the Create endpoint button.

note

Save the VPC endpoint ID in a location that you can retrieve it from after your VPC is set up.

Obtaining the Endpoint ID

Once the endpoint has been created, you'll need to obtain the Endpoint ID, which is used within Dremio Cloud service to fully configure the route traffic will follow.

To locate your Endpoint ID, perform the following steps:

  1. From VPC > Endpoints, locate the endpoint that you created from the list shown. After creating the endpoint, the status for the endpoint may initially display as pending, and may take several minutes to complete. When complete, it will display as available.
  2. Click the Subnets tab at the bottom of the screen and verify all associated subnets are fully provisioned and have IPv4 addresses assigned.
  3. Copy the Endpoint ID for the endpoint, this is needed later within Dremio Cloud to complete the service's configuration.

Return to the Cloud setup process with the Endpoint ID. If you are currently configuring a manual installation of Dremio, use this in the Cloud Connection step.

Regional Service Names

Refer to the below chart for the service name that matches the AWS region that you are deploying Dremio Cloud.

AWS RegionService Name
US East (N. Virginia)com.amazonaws.vpce.us-east-1.vpce-svc-0646dfd77e827498f
US East (Ohio)com.amazonaws.vpce.us-east-2.vpce-svc-0d7d5e03d0d0a1ec0
US West (N. California)com.amazonaws.vpce.us-west-1.vpce-svc-00c253335234500d5
US West (Oregon)com.amazonaws.vpce.us-west-2.vpce-svc-03262d9ba3d60bf56
Canada (Central)com.amazonaws.vpce.ca-central-1.vpce-svc-0290a1584e014863b
Europe (Frankfurt)com.amazonaws.vpce.eu-central-1.vpce-svc-05fc73aaa6755a791
Europe (Ireland)com.amazonaws.vpce.eu-west-1.vpce-svc-06058933a08c6c279
Europe (London)com.amazonaws.vpce.eu-west-2.vpce-svc-05dab50fd13de8a29
Europe (Paris)com.amazonaws.vpce.eu-west-3.vpce-svc-043466a3d25284211