SingleStore Private Connections

The SingleStore Private Connections (SPC) feature allows you to connect from a SingleStore Helios workspace to private services and networks. Private services/networks simplify networking and connectivity by allowing users to connect directly from a virtual private network to SingleStore Helios.

To successfully set up a private connection, you need to configure both the outbound and inbound connections. Each workspace can only have one active inbound and outbound connection of each type. Hence, each workspace group can have the following private connections:

  • At most one inbound and one outbound connection each for DDL connections

  • At most one outbound connection for each workspace (DML connection)

  • At most one inbound connection for each workspace (DML connection)

The SPC feature is only supported for SingleStore Helios workspaces deployed using AWS, and it only supports connections to AWS PrivateLink.

Note

When using a third-party SQL client or development tool, you must first add a database user to log into a SingleStore Helios database.

Prerequisites

The SPC feature must be enabled for your organization. If this feature is not enabled by default, contact SingleStore Support.

Configure Private Connections

To create a private connection to AWS PrivateLink, refer to Connect to SingleStore Helios using AWS PrivateLink.

Manage Private Connections

To manage a private connection on the Cloud Portal, navigate to Deployments, select your workspace group from the workspace group list, and then select Firewall. Under Private Links, select the three dots in the Actions column of your private connection.

Once the private connection is in ACTIVE state, you can perform the following actions:

  • Edit Connection: Displays the private connection details, and allows you to edit the AWS Account ID of your (inbound) private connection.

  • Delete Connection: Deletes a private connection.

Private Connection Status

Any private connection can have one of the following statuses:

Status

Description

ACTIVE

The private connection is ready for use.

DELETED

The private connection has been deleted.

PENDING

The private connection is being configured.

Last modified: January 16, 2025

Was this article helpful?

Verification instructions

Note: You must install cosign to verify the authenticity of the SingleStore file.

Use the following steps to verify the authenticity of singlestoredb-server, singlestoredb-toolbox, singlestoredb-studio, and singlestore-client SingleStore files that have been downloaded.

You may perform the following steps on any computer that can run cosign, such as the main deployment host of the cluster.

  1. (Optional) Run the following command to view the associated signature files.

    curl undefined
  2. Download the signature file from the SingleStore release server.

    • Option 1: Click the Download Signature button next to the SingleStore file.

    • Option 2: Copy and paste the following URL into the address bar of your browser and save the signature file.

    • Option 3: Run the following command to download the signature file.

      curl -O undefined
  3. After the signature file has been downloaded, run the following command to verify the authenticity of the SingleStore file.

    echo -n undefined |
    cosign verify-blob --certificate-oidc-issuer https://oidc.eks.us-east-1.amazonaws.com/id/CCDCDBA1379A5596AB5B2E46DCA385BC \
    --certificate-identity https://kubernetes.io/namespaces/freya-production/serviceaccounts/job-worker \
    --bundle undefined \
    --new-bundle-format -
    Verified OK