by JackSlateur
1001 days ago
Private link is a clever way to implement real network segmentation. That is, when you have a customer in some network and a provider in another network, you had to implement full connectivity between the customer and the provider. With private link, you can remove all that connectivity, and instead expose the provider's service to the customer.
The service, nothing more, so just one endpoint. This is really good from a security point of view, but also for managing your stuff (especially if there are multiple teams in the company):
because you now have a resource, you can easily list the services you expose to other people, and who your customers are.
|
1. get list of customer netblocks
2. set up "internal" service(s) for customers
3. set up firewall rules to allow customer <-> service allow list
4. set up DNS records
5. tell customers DNS and API targets