Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.omni.co/llms.txt

Use this file to discover all available pages before exploring further.

If your database is in a private network within Amazon Web Services (AWS), Omni can connect to your database via PrivateLink. In this configuration, Omni establishes an encrypted connection from our network to your network via a VPC endpoint.

Limitations and considerations

This guide does not apply to Snowflake databases or Redshift-managed VPCs in AWS. Follow the dedicated PrivateLink guides for these databases:

Requirements

To follow the steps in this guide, you’ll need permissions in AWS that allow you to create VPC endpoint services.

Setup

1

Set up a VPC endpoint in your AWS account

In your AWS account, set up a VPC endpoint service that connects to your database:
  • Allow access to our account principal: arn:aws:iam::767117061426:root
  • Enable cross-region access and allow access to the regions of your Omni environment:
    RegionPrimaryDisaster recovery
    EastUsaus-east-1us-west-2
    Irelandeu-west-1eu-central-1
    Australiaap-southeast-2ap-southeast-4
    Canadaca-central-1ca-west-1
    Indiaap-south-1ap-south-2
Additionally, verify that traffic from the VPC endpoint to your database is allowed. As PrivateLink traffic is internal to the network, Omni’s public IP addresses don’t apply.If using a security group on the load balancer, you’ll need to manually disable a setting in AWS to accomplish this:
  1. In the AWS load balancer console, navigate to the Security tab.
  2. Click the Edit button.
  3. Turn off Enforce inbound rules on PrivateLink traffic.
2

Contact Omni support

Contact Omni support with the following information:
  • The name of your VPC endpoint service, for example com.amazonaws.vpce.REGION.vpce-svc-XXXXXXXXXX
  • The port your database will be listening on
  • Technical contact details, in case of connection difficulties

What’s next?

After you contact Omni support with the information in step 2, we’ll create a VPC endpoint that connects to your service to support the connection to the database. If your service requires manual approval of new endpoint connections, we will contact you to request approval. Once this is complete, Omni support will add the new database connection to your Omni instance. The connection can then be used like any other database connection.