This guide outlines the steps to expose your AWS services to Quix using AWS PrivateLink. By setting up a PrivateLink endpoint, Quix can securely connect to your service without requiring public internet access. Click here for AWS documentation.

What Quix Will Provide

Once we receive your details, Quix will provide:

• Quix’s AWS Account ID to authorise access
• The AWS Region your private compute is located in

Steps to Expose Your Service

1. Create a PrivateLink Service Endpoint

1. Go to AWS Console → VPC → Endpoint Services → Create Endpoint Service.
2. Select the Load Balancer that fronts your service.
3. Select AWS region Quix provided**.** (it won’t be in the list if your VPC is already there)
4. Enable Private DNS name
   1. Set the DNS entry necessary to reach this service (e.g., myservice.mydomain.com) if any.
5. Enable Acceptance Required.
6. Authorise Quix to Connect

   1. Under Allowed Principals, add Quix’s AWS Account ID:

      arn:aws:iam::<quix_account_id>:root
      

   2. Save the changes.

7. Share the following details with Quix:
   • Service Endpoint Name (e.g., com.amazonaws.vpce.eu-central-1.vpce-svc-05eabcde006fb1a28)
   • Share the required Ports for communication with Quix. If no specific ports are provided, we will assume unrestricted access and configure connectivity accordingly.
   • The type of service you’re exposing (e.g., AWS service, NLB)

2. Quix Requests a VPC Endpoint

1. Quix will create a VPC Endpoint in our AWS account using the Service Name you provided.
2. You will receive a connection request.

3. Accept the Connection Request

1. Go to AWS Console → VPC → Endpoint Services → Endpoint connections
2. Locate the Pending Acceptance request from Quix.