Inbound Private Connect allows you to access Treasure Data services over non-public networks and satisfy compliance and security requirements.
Private connect provides for data flow over a dedicated and isolated connection using VPC peering. The peering is between a VPC for each private connect customer and a VPC Treasure Data private endpoint.
Outbound data services are not supported in Private Connect so certain data transfer services operate over the public internet.
Typically, the connectivity is set up through a VPC endpoint, so that your AWS S3 data is not transferred over the public Internet. You can run custom scripts without accessing TD Console. When Private Connect is enabled for your account, it explicitly prevents public internet access to these services:
TD Console
TD Toolbelt
TD CLI
other related TD services
This topic contains:
Private Connect is supported in Google Chrome only.
Static IP addressing within the peer VPC is not supported.
Outbound data services are not supported.
Only some data transfer operations are available over private connect; such as data pushed from customer data centers to Treasure Data.
Certain data transfer services operate over the public internet. These include:
Data Connector Import
Legacy Job Result Export
Table Export
With the exception of using in.treasuredata.com or tokyo.in.treasuredata.com for:
JS SDK
postback
mobile SDK
connectivity between Treasure Data accounts or accessing multiple services within Treasure Data is possible within the same or different availability zones. The accounts or services must be in the same region, because network packets do not go out to the Internet when using Private Connect.
To set up a demo and find out more details about architecture, limitations and setup and testing requirements., contact Customer Support Initial provisioning sets up:
VPC
Subnets
Routing table
Internet Gateways
Network ACL
Security Groups
Application Load Balancer
Peering request to upstream intermediate VPC
Customers will be assigned unique connection IDs during the provisioning phase of the account setup.
For experimentation and testing, a public endpoint can be used.
If you need a staging environment , you can obtain a second production connection assignment.
The availability target is 99.5%.
You can use Auto Scaling Group for updating and monitoring purposes. Treasure Data uses DataDog dashboards.