question

康夫 大. avatar image
0 Likes"
康夫 大. asked ·

Is it possible to connect managed server and mission control with AWS private link?

Hi all,

I understand the communication of managed server and mission control is safety.
But some company(Like a government or a financial) has the strict security policy. So they want to run Dynatrace with no internet connect .

(As a premise, I heard, In our region, Dynatrace can not provide offline version.)

If the customer's environment can connect Managed Server or Proxy Server on AWS VPC with Direct connect or VPN, is it possible to connect mission control with AWS private link?
(like a following link
https://www.dynatrace.com/support/help/shortlink/aws-privatelink )

Best Regards,
Yasuo Ohnishi

Dynatrace Managedsecurityamazon web servicesmission control
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Krzysztof S. avatar image
0 Likes"
Krzysztof S. answered ·

Radoslaw,

you may have misinterpreted the question, this is not about using a proxy, but about connecting to Dynatrace's MissionControl entirely through AWS backbone using PrivateLink. For that to work, we would need to provide such service endpoint - which we don't as of now.

Only then a customer would be able to setup the endpoint in his VPC and use it for MissionControl.

Yasuo O. - while it is not possible, please be aware that MissionControl link was design not only to be secure, but also to minimize the data sent from the Managed cluster. Also, you have an further options to opt-out of certain types of data if necessary: https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/data-privacy/data-privacy-settings-provided-by-dynatrace-managed/

kind regards,
Kris

· Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Radoslaw S. avatar image
1 Like"
Radoslaw S. answered ·

We haven't tried, but yes that seems feasible. You can specify the proxy server in CMC -> Internet Settings that will route all the traffic from your cluster to Mission Control.

· 3 · Share
10 |2000000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 50.0 MiB each and 250.0 MiB total.

Hi Radoslaw-san, Thank you for your reply!

If we try to check the setting, do we have to request to change setting to Dynatrace for AWS Private link?

Yasuo

0 Likes 0 · ·

Yes, please reach out to us via support or Dynatrace ONE team (chat) so we work together on setting this up, creating VPC endpoint and whitelisting your subnet.

1 Like 1 · ·

Thank you! I will request the teams for the setting.

Yasuo

0 Likes 0 · ·