Skip to end of banner
Go to start of banner

Using a Bastion to Connect with PiSaas

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

There are two key ways of connecting your data with a PiSaas deployment that are dependent on the level of risk you’re willing to accept.

Database in a Publically Accessible Subnet

If your database is hosted in a publically accessible subnet, you can whitelist our PiSaas IPv4 address 54.216.240.181. With AWS, this is adding this IP address to the inbound section on the NACLS and security groups. Working with Azure, add this IP address to the inbound firewall settings on the connection security tab on your database.

Bastion Hosts for Private Subnets

It’s possible to connect to your database using a publically available bastion as a jump host. Use an EC2 instance deployed in a public subnet with inbound rules from our Pisaas IPv4 address 54.216.240.181 and outbound rules to your database. The port for this should be 22. Set the inbound on the database to accept connections from the bastion host security group. The port allocation between the bastion and the database should match that of your database.

Configuration

Pisaas administrators will need:

  • Bastion public IP address

  • Bastion host PEM key

  • Database hostname

  • Database host port

When connecting to your database from Panintelligence running in Pisaas, you should specify “localhost” as the host, along with your regular database connection details. Be sure the port you specify in Panintelligence is the same as that supplied to the Pisaas administration team.

  • No labels