The purpose of this procedure is to ensure that all traffic originating from your own AWS VPC, going out to your JFrog JPD (residing in the same region) will be routed automatically via the PrivateLink, rather than via public Internet. Traffic going out to other JFrog domains, such as remote JPDs located in other regions, or to other JFrog services such as releases.jfrog.io
, will continue to be routed via the public Internet.
Note
Your existing <servername>.jfrog.io
is supported over the PrivateLink connection. Moreover, once you set up an AWS PrivateLink via MyJFrog, JFrog automatically creates an additional domain name that points to your instance, in the format acme.pe.jfrog.io
. This domain will be used by your PrivateLink setup. For example, if your standard public JFrog domain is myservername.jfrog.io
, the additional domain will be myservername.pe.jfrog.io
.
The goal is to enable customers with the ability to distinguish between hosts on public and private networks. This also applies to routing URLs, providing the ability to set up a routing policy for the jfrog.io
domain, and route traffic to topology members based on the DNS logic. For more information about DNS routing, see DNS Routing in MyJFrog.
How you choose to set up your DNS in AWS depends on your organization's architecture, in which there are two factors:
Which domain name?
Custom domain name
JFrog domain
Which type of connection?
Connecting directly from your AWS VPC to JFrog's VPC
Connecting from your on-premise data center via AWS to the JFrog VPC
To better understand these options, they have been broken down into the section below, with diagrams to illustrate how they work.