Private Networking Support
Immuta SaaS supports private connectivity to customer data platforms over both AWS PrivateLink and Azure Private Link. Customers with security and/or compliance requirements to ensure that their data platforms are not routable over the public internet (even with a firewall in place) can have private networking configured to ensure that their standards are met.
Overview
Although AWS PrivateLink and Azure Private Link differ in their implementation details, they are fundamentally similar offerings. Customers can expose private services on AWS or Azure networks that Immuta can establish a connection to. How this is done can vary significantly by both data platform and hosting cloud provider, which is why this documentation has been broken down into specific instructions for each combination in the support matrix below.
Amazon S3
N/A
Azure Synapse Analytics
N/A
Not Yet Supported
Over time, the breadth and depth of private networking support will continue to grow. If there are specific data platforms and/or cloud providers that you require, which are either not listed or not yet supported, please contact your Immuta representative.
Private networking across regions and global segments
Immuta SaaS's global network is divided into large geographic regions called global segments. All Immuta SaaS tenants are deployed into an AWS region inside their chosen segment.
Occasionally, customers require that they be able to connect to data sources outside of that region. To meet those needs, Immuta SaaS supports both cross-region and cross-global-segment connectivity.
Cross-region private networking
This involves connecting to data sources in a different region within a given global segment.
Examples:
a tenant in
us-east-1
needs to connect to a Snowflake account in AWS'sus-east-2
region.a tenant in
us-west-2
needs to connect to an Azure Databricks workspace in thewestus2
region.
Cross-global-segment private networking
This involves connecting to data sources in a region outside of the tenant's global segment.
Examples:
a tenant in the EU Global Segment needs to connect to a Snowflake account in
us-east-2
.a tenant in the AP Global Segment needs to connect to a Starburst instance hosted in Azure's
eastus2
region.
Last updated