Selecting connection methods

Explore the different connection methods available for Data Integration, including their advantages and disadvantages, compatibility details, and recommendations.

Connection Option	Pros	Cons	Recommendation	Topics
IP address Allowlist	Simple configuration and management. No additional resources required.	Least secure. Exposes database to the internet. Higher cost. Poor performance. Requires internet ingress connection.	✅ LESS RECOMMENDED Use for open/demo databases with public data only.	Data Integration allowlist IP addresses - Connection Methods
SSH Tunnel	Minimal resource requirements. Easy setup. Database not exposed to the public internet. Quick ingress traffic.	Poor scalability with many connections. Requires instance configuration. SSH instance must be internet-accessible with IP address allowlisting.	✅ MEDIUM RECOMMENDED Use if no other internal AWS options are available.	SSH Tunnel - Connection Methods
AWS PrivateLink	Minimal resource needs. Low to medium infrastructure effort. Unlimited scalability. Secure and managed by AWS. Easy maintenance.	May require additional Lambda provisioning for some resources. Only works within the same AWS region.	✅ HIGHLY RECOMMENDED Ideal for internal AWS resources.	AWS PrivateLink - Connection Methods AWS PrivateLink Setup for Snowflake Connection in Data Integration
Amazon Redshift PrivateLink	Direct integration with Amazon Redshift. High security by avoiding public internet. Reduced latency for data access.	Limited to AWS regions. Requires specific configuration for Amazon Redshift.	✅ HIGHLY RECOMMENDED Best for secure connections to Amazon Redshift.	Amazon Redshift PrivateLink
Azure Private Link	Direct and secure connection to Azure resources. Managed by Azure for scalability and low latency. Simplified network configuration.	Requires additional Azure configuration. Limited to Azure-specific environments.	✅ HIGHLY RECOMMENDED Best for secure connections within Azure.	Azure Private Link Setup
Google Private Service Connect Setup	Secure and private connectivity to Google Cloud resources. Managed by Google for scalability and low latency. Simplified network setup.	Requires Google Cloud environment. Limited compatibility outside Google Cloud.	✅ HIGHLY RECOMMENDED Best for secure connections within Google Cloud.	Google Private Service Connect Setup
VPC Peering	Minimal resource requirements. Low to medium infrastructure effort. Unlimited scalability. Operates on AWS network backbone.	Exposes internal IP addresses to Data Integration and vice versa. Potential IP address collision. Requires strict security measures. Inflexible with VPC changes.	❌ NOT AVAILABLE Not supported due to high-security compliance.
VPN Site-To-Site Customer Gateway	Unlimited scalability. Operates on AWS network backbone.	Medium to high effort. Requires in-depth configuration and maintenance. Less flexible with VPC changes.	✅ MEDIUM RECOMMENDED Best for connecting on-premise resources in internal VPC.	Integrating Data Integration with VPN
Reverse SSH	Low resource requirements. Client-initiated ingress connection.	Requires knowledge of proxy servers. Fully managed by the client. Less flexible with VPC changes. Limited scalability compared to VPN.	✅ MEDIUM RECOMMENDED	Reverse SSH Tunnel

Use the flowchart to determine the best connection method: