# AWS PrivateLink for Redshift

AWS PrivateLink provides private connectivity from the Immuta SaaS platform to Redshift clusters hosted on AWS. It ensures that all traffic to the configured endpoints only traverses private networks.

This feature is supported in most regions across Immuta's global segments (NA, EU, and AP); contact your Immuta representative if you have questions about availability.

<figure><img src="/files/pok5BVlvKR3sKEwF1MKh" alt=""><figcaption></figcaption></figure>

## Requirements

* You have an Immuta SaaS tenant.
* You have set up an [AWS PrivateLink Service](https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html) for your Redshift Cluster endpoints.
  * When creating the service, make sure that the **Require Acceptance** option is checked (this does not allow anyone to connect, all connections will be blocked until the Immuta service principal is added).

## Configure Redshift with AWS PrivateLink

1. Open a support ticket with [Immuta Support](https://support.immuta.com) with the following information:
   * AWS region
   * AWS subnet availability zones IDs (e.g. `use1-az3`; these are **not** the account-specific identifiers like `us-east-1a` or `eu-west-2c`)
   * VPC endpoint service ID (e.g., `vpce-0a02f54c1d339e98a`)
   * Ports used
2. [Authorize the service principal](https://docs.aws.amazon.com/vpc/latest/privatelink/configure-endpoint-service.html#add-remove-permissions) provided by your representative so that Immuta can complete the VPC endpoint configuration.
3. [Configure the Redshift integration](/SaaS/configuration/integrations/redshift/amazon-redshift-view-based-integration/configure-an-amazon-redshift-spectrum-integration.md).
4. [Register your tables as Immuta data sources](/SaaS/configuration/integrations/data-and-integrations/registering-metadata/register-data-sources/redshift-tutorial.md).


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://documentation.immuta.com/SaaS/configuration/application-configuration/how-to-guides/private-networking-support/data-connection-private-networking/redshift-privatelink.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.