Configure API Task for Private Database Access
- Updated: 2024/08/20
Configure API Task for Private Database Access
This guide outlines the steps involved in securely connecting an API Task to a private database within a Virtual Private Cloud (VPC) using a Network Load Balancer (NLB) in a public subnet. This configuration provides a secure and scalable way to access the database from the API Task while maintaining isolation within the private network.
Key Components:
- VPC: A virtual private cloud network.
- Public Subnet: Hosts the network load balancer and internet gateway.
- Private Subnet: Contains the EC2 instance running the database.
- Network Load Balancer: Distributes traffic across multiple EC2 instances.
- API Task: An API-based cloud automation solution.
Configuration Steps:
- Create VPC and Subnets: Set up a VPC with public and private subnets.
- Configure Network Load Balancer:
- Place the load balancer in the public subnet.
- Associate it with the internet gateway.
- Create a listener (e.g., port 443 for HTTPS).
- Configure target groups for the EC2 instance(s) hosting the database.
- Whitelisted API Task IPs: Add the IP addresses of your API Tasks to the load balancer's whitelist. For more information, see API Task IP addresses for external integrations.
- Configure EC2 Instance:
- Launch an EC2 instance in the private subnet.
- The EC2 instance hosts database software (e.g., Microsoft SQL Server). For instance, if you are using Microsoft SQL Server then open port 1443 (or the appropriate database port) on the EC2 instance's security group.
Note: SQL Server uses TCP port 1433 as the default for communication. In this configuration, the network load balancer forwards traffic to the database instance in the private subnet on this port. - Configure API Task:
- In the Control Room, create an API Task.
- Set the API Tasks endpoint to the public IP address of the network load balancer.
- Configure authentication and authorization settings as needed.
SQL Server Authentication: The supported authentication method for SQL Server is username and password.