Skip to content

Clarify PrivateLink Endpoints in README #317

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Aug 6, 2020
Merged

Clarify PrivateLink Endpoints in README #317

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
dd17545
Clarify PrivateLink Endpoints in README
nhinsch Aug 6, 2020
985db07
Update README.md
nhinsch Aug 6, 2020
c9f708b
Fix typo
nhinsch Aug 6, 2020
5c96a8e
Use numbers
nhinsch Aug 6, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 7 additions & 5 deletions aws/logs_monitoring/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -100,15 +100,17 @@ If you can't install the Forwarder using the provided CloudFormation template, y

## AWS PrivateLink Support

Configure the Forwarder using AWS PrivateLink to run in a VPC.
You can run the Forwarder in a VPC by using AWS PrivateLink.

1. Follow the [setup instructions](https://docs.datadoghq.com/agent/guide/private-link/?tab=logs#create-your-vpc-endpoint) for adding Datadog's endpoints to your VPC.
2. By default, the Forwarder's API key is stored in the Secrets Manager. The secrets manager endpoint needs to be added to the VPC. You can follow the instructions [here for adding AWS services to a VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html#create-interface-endpoint).
3. When in installing the Forwarder with the CloudFormation template, enable 'DdUsePrivateLink' and set at least one Subnet Id and Security Group.
1. Follow the [setup instructions](https://docs.datadoghq.com/agent/guide/private-link/?tab=logs#create-your-vpc-endpoint) for adding Datadog's **API** endpoint to your VPC.
2. Follow the [same procedure](https://docs.datadoghq.com/agent/guide/private-link/?tab=logs#create-your-vpc-endpoint) to add Datadog's **Logs** endpoint to your VPC.
3. By default, the Forwarder's API key is stored in the Secrets Manager. The secrets manager endpoint needs to be added to the VPC. You can follow the instructions [here for adding AWS services to a VPC](https://docs.aws.amazon.com/vpc/latest/userguide/vpce-interface.html#create-interface-endpoint).
4. When installing the Forwarder with the CloudFormation template, enable 'DdUsePrivateLink' and set at least one Subnet Id and Security Group.

### AWS PrivateLink Limitations

Currently, AWS PrivateLink can only be configured with Datadog organizations in the Datadog US region. Trace forwarding is also unsupported.
* AWS PrivateLink can only be configured with Datadog organizations in the Datadog US region.
* Trace forwarding is currently unsupported via AWS PrivateLink.

## Troubleshooting

Expand Down