Private Networking Support

Immuta SaaS supports private connectivity to customer data platforms over both AWS PrivateLink and Azure Private Link. Customers with security and/or compliance requirements to ensure that their data platforms are not routable over the public internet (even with a firewall in place) can have private networking configured to ensure that their standards are met.

Overview

Although AWS PrivateLink and Azure Private Link differ in their implementation details, they are fundamentally similar offerings. Customers can expose private services on AWS or Azure networks that Immuta can establish a connection to. How this is done can vary significantly by both data platform and hosting cloud provider, which is why this documentation has been broken down into specific instructions for each combination in the support matrix below.

AWS
Azure

Amazon Redshift

N/A

Amazon S3

N/A

Azure Synapse Analytics

N/A

Not Yet Supported

Over time, the breadth and depth of private networking support will continue to grow. If there are specific data platforms and/or cloud providers that you require, which are either not listed or not yet supported, please contact your Immuta representative.

Private networking across regions and global segments

Immuta SaaS's global network is divided into large geographic regions called global segments. All Immuta SaaS tenants are deployed into an AWS region inside their chosen segment.

Occasionally, customers require that they be able to connect to data sources outside of that region. To meet those needs, Immuta SaaS supports both cross-region and cross-global-segment connectivity.

Cross-region private networking

This involves connecting to data sources in a different region within a given global segment.

Examples:

  • a tenant in us-east-1 needs to connect to a Snowflake account in AWS'sus-east-2 region.

  • a tenant in us-west-2 needs to connect to an Azure Databricks workspace in the westus2 region.

Cross-global-segment private networking

This involves connecting to data sources in a region outside of the tenant's global segment.

Examples:

  • a tenant in the EU Global Segment needs to connect to a Snowflake account in us-east-2.

  • a tenant in the AP Global Segment needs to connect to a Starburst instance hosted in Azure's eastus2 region.

Last updated

Self-managed versions

2024.32024.22024.1

Copyright © 2014-2024 Immuta Inc. All rights reserved.