CloudVPC & Private Link

VPC & Private Link

Configure AWS PrivateLink or Azure Private Endpoint so your centralized data never transverses the public internet during heavy extraction and transformation processes.

Air-Gapped Cloud Security

Connecting external ETL pipelines strictly to your internal VPC subnets usually requires archaic IP allowlisting policies or highly unstable reverse-SSH tunnels, which enterprise network security administrators deeply detest and often rigidly block.

DataFlow AI fundamentally re-architects this approach. The Private Link architecture natively provides a mathematically proven, secure tunnel extending directly from our orchestrated Control Plane straight into your deeply internal private subnets, occurring completely without public internet egress mapping.

SOC2 & HIPAA Compliance

Because Private Link tunnels traverse the underlying proprietary optical fiber backbone of AWS/Azure directly, all ingested PII data strictly bypasses standard ISP architectures. This instantly allows internal audit teams to effortlessly map strict SOC2 Type 2 controls securely onto DataFlow AI.

Enabling Connection Strategies

If your primary source PostgreSQL cluster completely lacks a public NAT Gateway and sits strictly inside an internal localized boundary (e.g. subnet-production-10.0.1.X), connection requires configuring endpoint routing matching the exact SaaS provider signature.

Provision the Core Endpoint

Navigate carefully into your AWS or Azure Cloud Console infrastructure settings. Explicitly target a new Private Link Endpoint mapping exactly towards the DataFlow AI SaaS central Account identifier (`arn:aws:iam::dataflow-ai`).

Attach Ingress Architectures

Ensure you firmly append a secure Ingress Security Group to the constructed endpoint matching our dynamically published logical Elastic Interface Nodes structure precisely. This selectively permits only specific packet geometries to ingress fully through the network hop.

Mount the Platform Connector

Once structurally accepted fully on the console topology side, navigate directly back towards the Connectors UI page inside DataFlow AI. Securely select "Connect securely via Internal Private Link". You will never jump through volatile VPN proxy hops ever again.