updated security docs - https connection method #708
Conversation
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
fiquick
changed the title
| * Connections using private endpoints are one-way. | ||
| Aura VPCs can't initiate connections back to your VPCs. | ||
| * In AWS region us-east-1, we do not support the Availability Zone with ID use1-az3 for private endpoints. | ||
| * Private endpoints apply to all instances in the region. |
There was a problem hiding this comment.
I don't think this should be an admonition, a regular bullet list is sufficient since in essence it is a summary.
| When public traffic is disabled, Query and Bloom are not accessible via the public internet. | ||
| To continue accessing these tools, xref:getting-started/connect-instance.adoc#_connection_method[connect via HTTPS (port 443)], this is helpful when network security blocks Bolt (port 7687), e.g. when a private link is set up on the database with public traffic disabled. | ||
| Alternatively you can set up a VPN (Virtual Private Network) in your VPC and connect to Query and Explore over the VPN. | ||
|
|
||
| == Private endpoints | ||
|
|
||
| Private endpoints are network interfaces inside your own VPC, which can only be accessed within your private network. |
There was a problem hiding this comment.
Are private endpoints available for all plans now?
|
|
||
| To continue accessing Browser and Bloom, you can configure a VPN (Virtual Private Network) in your VPC and connect to Browser and Bloom over the VPN. | ||
| For a step-by-step guide, see the link:https://neo4j.com/blog/auradb/neo4j-aws-privatelink-configuration/#2[How to Configure Neo4j Aura With AWS PrivateLink] blog article. |
There was a problem hiding this comment.
As mentioned before, not a fan of linking to blog posts in the docs. If the content there is important, let's find a place for it in the docs. Add it as a tutorial maybe? The concern is that we (the docs team) have no control over its content.
|
|
||
| image::azure_privatelink_03_browser_bloom_over_vpn.png["Accessing Browser and Bloom over a VPN", title="Accessing Browser and Bloom over a VPN"] | ||
| .Accessing tools over a VPN | ||
| image::azure_privatelink_03_browser_bloom_over_vpn.png["Accessing tools over a VPN"] | ||
|
|
||
| ==== Enable Azure Private Endpoints for Aura |
There was a problem hiding this comment.
We need to provide the corresponding instructions for AWS and GCP as well.
|
|
||
| To continue accessing Browser and Bloom, you can configure a VPN (Virtual Private Network) in your VPC and connect to Browser and Bloom over the VPN. | ||
| For a step-by-step guide, see the link:https://neo4j.com/blog/auradb/neo4j-aws-privatelink-configuration/#2[How to Configure Neo4j Aura With AWS PrivateLink] blog article. | ||
| Refer to link:https://aws.amazon.com/privatelink[AWS PrivateLink] docs for IAM requirements. | ||
|
|
There was a problem hiding this comment.
This piece of information seems to have gone missing:
All applications running Neo4j workloads inside the VPC are routed directly to your isolated environment in Aura without traversing the public internet. You can then disable public traffic, ensuring all traffic to the instance remains private to your VPC.
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
Co-authored-by: Jessica Wright <[email protected]>
|
This PR includes documentation updates Updated pages: |
No description provided.