The page has been translated by Gen AI.
Integrate PrivateLink Service
By integrating Cloud Functions with the PrivateLink service, you can connect VPCs within the Samsung Cloud Platform to other VPCs, and VPCs to services, without using the external internet.
The data uses only the internal network, providing high security, and does not require public IP, NAT, VPN, or an internet gateway.
Enable PrivateLink Service
To connect the PrivateLink Service, you must first enable the service.
To enable the PrivateLink service, follow these steps.
- All Services > Compute > Cloud Functions Click the menu. 1. Navigate to the Service Home page of Cloud Functions.
- On the Service Home page, click the Function menu. 2. Go to the Function list page.
- On the Function List page, click the resource to associate with PrivateLink. 3. Function Details page.
- On the Function Details page, click the Configuration tab.
- In Private connection configuration, click the Edit button of PrivateLink Service. 5. PrivateLink Service Edit The popup window opens.
- PrivateLink Service Edit In the popup window, after checking the Use item of Activation Status, click the Confirm button. 6. Configuration tab’s Private connection configuration displays PrivateLink Service information.
| Category | Detailed description |
|---|---|
| Private URL | PrivateLink Service URL information |
| PrivateLink Service ID | PrivateLink Service ID information |
| Request Endpoint Management | List of PrivateLink Endpoints that requested a PrivateLink Service connection
|
Table. PrivateLink Service detailed information items
Integrating PrivateLink Service
You can expose the function for private access from another VPC by integrating with PrivateLink Service.
information
Activate the PrivateLink Service first, then proceed with the integration work.
To integrate the PrivateLink service, review the following tasks.
- Register the domain for the PrivateLink Endpoint IP address and the Private URL address to invoke the issued Private URL.
192.168.0.13 abc123.scf.private.kr-west1.qa2.samsungsdscloud.com - When invoking the PrivateLink Service, verify IAM authentication based on the credentials of the Endpoint creator required for the Endpoint.
Create PrivateLink Endpoint
Create an entry point to access the PrivateLink Service of the user VPC.
Caution
Additional costs may be incurred when creating an endpoint.
To create a PrivateLink Endpoint, follow these steps.
- Click the All Services > Compute > Cloud Functions menu. 1. Go to the Service Home page of Cloud Functions.
- On the Service Home page, click the Function menu. 2. Go to the Function list page.
- On the Function list page, click the resource to associate with PrivateLink. 3. Function Details Go to the page.
- On the Function Details page, click the Configuration tab.
- Click the Add button in Private connection configuration of PrivateLink Endpoint. 5. Add PrivateLink Endpoint The popup window opens.
- Add PrivateLink Service in the popup window, after entering the PrivateLink Service ID and Alias information, click the Confirm button.
- When the popup indicating creation opens, click the Confirm button. 7. Configuration tab’s Private connection configuration displays PrivateLink Endpoint information.
| Category | Detailed description |
|---|---|
| PrivateLink Endpoint ID | PrivateLink Endpoint ID information |
| PrivateLink Service ID | PrivateLink Service ID information |
| Alias | hostalias information that can be used instead of an IP address for accessing a PrivateLink Endpoint |
| status | Approval status of PrivateLink Endpoint
|
Table. PrivateLink Endpoint detailed information items
Integrating APIGW Private EPS
To connect the SCF Endpoint and the APIGW Private Endpoint, you must specify the Private URL in the SCF Endpoint Alias instead of the APIGW EPS resource path.
- Private URL example:
181b6126ef6d4e4b81370df5.apigw.private.kr-west1.s.samsungsdscloud.com/get/resourcepath
To integrate APIGW Private EPS, refer to the following code.
Color mode
const request = require('request');
/**
* @description User writing area (Function details)
*/
exports.handleRequest = async function (params) {
return await sendRequest(params);
};
async function sendRequest(req) {
return new Promise((resolve, reject) => {
// Port 80 and Port 443 are available
url = "https://{alias}/{resource_path}"; // Destination URL
/**
{alias} is the alias name entered when creating an Endpoint within the function
{resoure_path} is the resource path (/get/resourcepath) specified in the Private URL of APIGW EPS
*/
const options = {
uri: url,
method:'GET',
json: true,
strictSSL: false,
rejectUnauthorized: false
}
request(options, (error, response, body) => {
if (error) {
reject(error);
} else {
resolve({
statusCode: response.statusCode,
body: JSON.stringify(body)
});
}
});
});
}const request = require('request');
/**
* @description User writing area (Function details)
*/
exports.handleRequest = async function (params) {
return await sendRequest(params);
};
async function sendRequest(req) {
return new Promise((resolve, reject) => {
// Port 80 and Port 443 are available
url = "https://{alias}/{resource_path}"; // Destination URL
/**
{alias} is the alias name entered when creating an Endpoint within the function
{resoure_path} is the resource path (/get/resourcepath) specified in the Private URL of APIGW EPS
*/
const options = {
uri: url,
method:'GET',
json: true,
strictSSL: false,
rejectUnauthorized: false
}
request(options, (error, response, body) => {
if (error) {
reject(error);
} else {
resolve({
statusCode: response.statusCode,
body: JSON.stringify(body)
});
}
});
});
}