Until now, IBM Analytics Engine (IAE) clusters were accessible only over the public network, by default. IAE clusters can now be deployed with private service endpoints.
Private service endpoints enable users to create IAE clusters accessible only within the IBM Cloud network. The article “Secure access to services using service endpoints” explains more about private service endpoints.
The IAE documentation provides exact steps that will walk you through how to provision a cluster with private service endpoints.
To access private service endpoints, you have to enable VRF and Service Endpoint on your IBM Cloud account. For instructions, refer to the “Enabling VRF and service endpoints“ document.
Benefits of using private service endpoints for IBM Analytics Engine (IAE)
- Traffic between IAE clients and private service endpoints remains within the IBM Cloud network, making it more secure.
- Private service endpoints are accessible from servers that are not on the public network.
- Inbound and outbound traffic on the private network is unlimited and not charged—previously, you’d be billed for egress bandwidth when talking to an IBM Cloud service.
When should you order a private vs. public endpoint IAE cluster?
- If you plan to access an IAE cluster only from servers within IBM Cloud, you can provision private endpoint clusters. For example, if you plan to connect to an IAE cluster from an IBM Watson Studio notebook.
- If you need to access an IAE cluster from applications outside of IBM Cloud, you can order public endpoint clusters.
Next steps
Review the IBM Cloud documentation to learn more about private endpoints.
Learn more about provisioning IBM Analytics Engine (IAE) clusters with private endpoints.