Creating Cloudera Private Links Network with VPC option
Learn how to create the Cloudera Private Links Network using the VPC option.
Required Role: EnvironmentCreator or PowerUser
You need to use the following Cloudera CLI command to create the Cloudera Private Links Network with VPC option:
cdp cloudprivatelinks create-private-link-endpoint
This command is used to create a private link endpoint in your workload VPC. This establishes the private link connectivity between the VPC endpoint created and the respective VPC endpoint service present in the Cloudera Control Plane. The private link will be created for all supported components.
The following parameters should be specified:
Parameter | Description |
---|---|
enablePrivateDns | Specifies whether private DNS needs to be enabled on the VPC endpoint. |
awsAccountDetails | This should have the following fields |
The following is an example command for creating Cloudera Private Links Network:
cdp cloudprivatelinks create-private-link-endpoint --cloud-service-provider aws \
  --cli-input-json '{
    "enablePrivateDns": true,
    "awsAccountDetails": {
      "cloudAccountId": "112313717721",
      "crossAccountRoleDetails": {
        "crossAccountRole": "arn:aws:iam::112313717721:role/test-privatelinkservice-xaccount-role",
        "externalId": "51962fcf-4205-495d-ab4a-c82c5613a99f"
      },
      "region": "us-west-2",
      "vpcId": "vpc-0d006493309f23c3",
      "subnetIds": [
        "subnet-0e5812d895de60c47"
      ]
    }
  }'
The executed command performs the following sequence of steps:
- Identifying the appropriate VPC endpoint service for the request. Existing VPC endpoint services are filtered for the requested Cloudera service component and region.
- Authorizing access to the VPC endpoint service.
- Creating a security group for the VPC endpoint with the provided ports.
- Creating a VPC endpoint with the security group created and the VPC endpoint service filtered.
The command returns a trackingId, which can be used to verify that the domains of the respective Cloudera service components are reachable and resolve to private IPs from your VPC. Use the following command with the tracking ID returned from creating private link endpoints:
cdp cloudprivatelinks list-private-link-endpoint-statuses --tracking-id [***ID***]
You can also check this by accessing the Monitoring tab of the endpoints in the AWS Console.
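The private-resolution check described above can also be run from a host inside the workload VPC. The following is an added example, not Cloudera's own code: it reports which service domains resolve only to addresses inside the subnets passed as subnetIds, which is what you expect once the endpoint exists and enablePrivateDns is true. The hostnames and the 10.0.1.0/24 CIDR are constructed placeholders; substitute the domains of your Cloudera service components and the CIDRs of your endpoint subnets.

```python
import ipaddress
import socket


def resolve(hostname):
    """Addresses the local resolver returns for hostname (TCP/443 lookup)."""
    infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def check_private_resolution(hostnames, subnet_cidrs, resolver=resolve):
    """Map each hostname to (status, addresses outside the endpoint subnets).

    status is "endpoint" when every address is inside subnet_cidrs,
    "outside" when at least one is not, "unresolved" when lookup fails.
    """
    nets = [ipaddress.ip_network(cidr) for cidr in subnet_cidrs]
    report = {}
    for host in hostnames:
        try:
            addrs = [ipaddress.ip_address(a) for a in resolver(host)]
        except OSError:  # socket.gaierror is a subclass of OSError
            report[host] = ("unresolved", [])
            continue
        # Addresses that would send traffic somewhere other than the endpoint ENIs.
        stray = [str(a) for a in addrs if not any(a in n for n in nets)]
        if not addrs:
            report[host] = ("unresolved", [])
        elif stray:
            report[host] = ("outside", stray)
        else:
            report[host] = ("endpoint", [])
    return report


if __name__ == "__main__":
    # Constructed sample data: placeholder hostnames and a placeholder subnet CIDR.
    sample_dns = {
        "api.cloudera-placeholder.invalid": ["10.0.1.25"],
        "console.cloudera-placeholder.invalid": ["203.0.113.10"],
    }
    result = check_private_resolution(
        sample_dns, ["10.0.1.0/24"], resolver=lambda h: sample_dns[h]
    )
    for host, (status, stray) in result.items():
        print(f"{host}: {status} {stray}")
```

Omit the resolver argument to use the host's real DNS. An "outside" result for a domain means traffic to it would not go through the private link endpoint.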