Certain organizations have policies in place that restrict traffic from traversing the public Internet. AppDynamics provides support for AWS PrivateLink, which offers private connectivity between AppDynamics Agents running in an AWS Virtual Private Cloud (VPC) and an AppDynamics SaaS Controller.
Customers who have both a workload running in AWS and an AppDynamics SaaS Controller hosted in AWS have the option to access AppDynamics SaaS Controllers privately via AWS PrivateLink. The customer VPC and AppDynamics SaaS Controller can reside in the same AWS region or different AWS Regions (subject to regions where AWS supports Inter-Region VPC Peering).
Before you begin, make sure you have the following:
You will also need to take the following steps:
To integrate your AWS Virtual Private Cloud (VPC) with an AppDynamics SaaS controller, follow the instructions below for your type of AppDynamics deployment:
Note: The VPC is where your AppDynamics Agents are hosted.
If your VPC is in the same AWS region as the target AppDynamics SaaS Controller, you’ll create an interface endpoint to an endpoint service. See an overview of this configuration here. Follow the steps below or refer to the detailed steps here.
If your VPC is in a different AWS region than the target AppDynamics SaaS Controller, you’ll need to create an AWS Transit VPC. For example, the VPC where your AppDynamics Agents are hosted (i.e. the Customer VPC in the Customer AWS region) may be in one region, but your Controller may be hosted in another region (i.e. the AppDynamics SaaS region).
This generates a request to the AppDynamics SaaS PrivateLink endpoint service over the AWS PrivateLink network. Once the request is accepted and processed by AppDynamics, the connection between your organization's endpoint and the AppDynamics endpoint will be live and you should see traffic flowing to the Controller.
To set up and manage the Transit VPC configuration, follow the outline below or refer to AWS Transit VPC in the AWS documentation for detailed instructions.