AWS PrivateLink provides private connectivity between virtual private clouds (VPCs), supported AWS services, and your on-premises networks without exposing your traffic to the public internet. Interface VPC endpoints, powered by PrivateLink, connect you to services hosted by Coralogix. While Coralogix monitoring traffic is always secure, PrivateLink provides stable connectivity, a reduction in traffic costs, and even greater security by maintaining data on the AWS network.
This tutorial provides AWS Coralogix PrivateLink endpoints and instructions for standard configuration.
The primary use case for PrivateLink with Coralogix is connectivity for monitored applications running in AWS VPCs. To use Coralogix PrivateLink, you must create a VPC endpoint in the Coralogix AWS region matching your Coralogix domain. This is referred to as same-region VPC.
If your AWS resources to be monitored are in a different region, you can leverage VPC peering to meet the requirements by launching your Lambda in a cross-region VPC, local to the source.
Coralogix exposes the AWS PrivateLink endpoint in all Coralogix AWS regions.
Coralogix Domain | Coralogix AWS Region | Service Name | OpenTelemetry – Otel-Traces Otel-Metrics Otel-Logs | Coralogix Lambda Telemetry | Coralogix Logs | Prometheus RemoteWrite |
coralogix.com | eu-west-1 (Ireland) | com.amazonaws.vpce.eu-west-1.vpce-svc-01f6152d495e211f0 | ingress.private.coralogix.com:443 | ingress.private.coralogix.com:443 | https://ingress.private.coralogix.com/logs/v1/singles | https://ingress.private.coralogix.com/prometheus/v1 |
coralogix.in | ap-south1 (India) | com.amazonaws.vpce.ap-south-1.vpce-svc-0eb807f14d645a973 | ingress.private.coralogix.in:443 | ingress.private.coralogix.in:443 | https://ingress.private.coralogix.in/logs/v1/singles | https://ingress.private.coralogix.in/prometheus/v1 |
coralogix.us | us-east2 (US) | com.amazonaws.vpce.us-east-2.vpce-svc-067fdf46ffae1ed0e | ingress.private.coralogix.us:443 | ingress.private.coralogix.us:443 | https://ingress.private.coralogix.us/logs/v1/singles | https://ingress.private.coralogix.us/prometheus/v1 |
eu2.coralogix.com | eu-north-1 (Stockholm) | com.amazonaws.vpce.eu-north-1.vpce-svc-041b21c87be842c08 | ingress.private.eu2.coralogix.com:443 | ingress.private.coralogixsg.com:443 | https://ingress.private.eu2.coralogix.com/logs/v1/singles | https://ingress.private.eu2.coralogix.com/prometheus/v1 |
coralogixsg.com | ap-southeast-1 (Singapore) | com.amazonaws.vpce.ap-southeast-1.vpce-svc-0e4cd83852ff2869b | ingress.private.coralogixsg.com:443 | ingress.private.coralogixsg.com:443 | https://ingress.private.coralogixsg.com/logs/v1/singles | https://ingress.private.coralogixsg.com/prometheus/v1 |
cx498.coralogix.com | us-west-2 (Oregon) | com.amazonaws.vpce.us-west-2.vpce-svc-0f6436ddb210e5dbb | ingress.private.cx498-aws-us-west-2.coralogix.com:443 | ingress.private.cx498-aws-us-west-2.coralogix.com:443 | https://ingress.private.cx498-aws-us-west-2.coralogix.com:443/logs/v1/singles | https://ingress.private.cx498-aws-us-west-2.coralogix.com:443/prometheus/v1 |
com.amazonaws.<AWS Region>.secretsmanager
service. Detailed instructions can be found here.To use Coralogix PrivateLink, you must create a VPC endpoint in the Coralogix AWS region matching your Coralogix domain. This is referred to as same-region VPC. For example, the coralogix.com
domain is hosted in eu-west-1
. A same-region VPC must be deployed in eu-west-1
.
If your AWS resources to be monitored are in a different region, you can leverage VPC peering to meet the requirements by launching your Lambda in a cross-region VPC, local to the source. Cross-region VPC configuration instructions can be found here.
STEP 1. Create a VPC endpoint.
STEP 2. Name the VPC endpoint and select the service category: PrivateLink Ready partner services.
STEP 3. Input the Service name associated with your Coralogix AWS region, as per the above table.
STEP 4. Click Verify service.
STEP 5. Select a VPC in which to create the endpoint.
STEP 6. Expand the Additional settings section and Enable DNS name.
STEP 7. Select a security group to enable traffic to this VPC endpoint.
STEP 8. Click Create endpoint.
STEP 9. Verify your configuration.
STEP 10. Enter the connected VPC and type the following command, adjusted per region:
#example US region #telnet ingress.private.coralogix.us telnet <ingress.private.<region> 443
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].