Same-region Configuration

Use this guide when your AWS resources and your Coralogix domain are hosted in the same AWS region. This is the primary and recommended PrivateLink configuration.

Prerequisites

Review the following requirements before creating the PrivateLink endpoint:

Amazon S3 - If your integration uses Amazon S3 (for example, Lambda-based ingestion), the VPC must have an S3 Gateway Endpoint configured.
AWS Secrets Manager - If your Lambda function retrieves secrets at runtime, you must create an Interface VPC Endpoint for the com.amazonaws.<region>.secretsmanager service.

Set up

Step 1: Identify the Coralogix service

Determine the correct Coralogix PrivateLink service name for your Coralogix domain using the Coralogix PrivateLink endpoints and deployment page for reference. This service represents the entry point for traffic from your VPC to Coralogix.

Step 2: Create the Interface VPC endpoint

In the AWS Console, navigate to VPC, then Endpoints and select Create endpoint.
For Service category, choose PrivateLink Ready partner services.
Enter the Coralogix service name and select Verify service.

Expected result:

If verification fails, contact Coralogix Support.
Select the VPC in which to create the endpoint.

Step 3: Enable private DNS

Select Enable DNS name to enable private DNS names for the endpoint. This allows Coralogix private FQDNs (for example, ingress.private.<your-domain>) to resolve to the private IP addresses of the endpoint network interfaces (ENIs) inside your VPC.

Step 4: Configure security groups

Attach a security group that allows inbound TCP traffic on port 443 to the ENIs.

Step 5: Create endpoint and validate connectivity

Select Create endpoint.

The endpoint status initially appears as Pending. Once the status changes to Available, validate connectivity using one of the following methods.

Send a test log from a resource within the VPC using Coralogix REST API /singles

From a workload inside the VPC (for example, an EC2 instance), run:

# example US region
# telnet ingress.private.us1.coralogix.com
telnet ingress.private.<region-domain> 443

Next steps

If your AWS resources are in a different region than your Coralogix domain, choose one of the following options:

Native Cross-Region PrivateLink (recommended) - Uses AWS-managed cross-region connectivity without VPC peering. Learn more in our AWS PrivateLink: Cross-Region Connectivity guide.
VPC Peering (legacy) - Uses cross-region VPC peering and manual routing. Learn more in our AWS PrivateLink: VPC Peering Configuration guide.
To complete the setup for AWS Lambda, align the VPC configuration with your Lambda function.

Need help? Contact Support.

What's new? Find out here.

LLM? Read llms.txt.

Previous Overview

Next Cross-region Configuration