VPC network

Set up VPC networking so that your clusters can communicate privately with applications

A Virtual Private Cloud (VPC) network allows applications running on instances on the same cloud provider as your YugabyteDB Managed clusters to communicate with those clusters without traversing the public internet; all traffic stays in the cloud provider's network.

Use VPC networks to lower network latencies, make your application and database infrastructure more secure, and reduce network data transfer costs.

In YugabyteDB Managed, a VPC network consists of the following components:

| Component | Description |
| --- | --- |
| VPC | A VPC reserves a block of IP addresses on the cloud provider. You deploy your cluster in a VPC. |
| Peering connection | Links the cluster VPC to an application VPC on the same cloud provider. AWS and GCP only. A peering connection is created for a VPC. You need to add the IP address of your peered application VPC to the cluster IP allow list. Required for smart load balancing features of YugabyteDB smart drivers. |
| Private service endpoint | Links the cluster endpoint to an application VPC endpoint, using the cloud provider's private linking service. AWS and Azure only. A private service endpoint (PSE) is added to a cluster; the cluster must be deployed in a VPC. No need to add the IP address of your application to the cluster IP allow list. |

Typically, you would either have a VPC network with peering, or use PSEs.
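
With peering, the cluster IP allow list has to admit the application VPC's address range (PSEs do not need this step). The following is an added example, not YugabyteDB code or a YugabyteDB Managed API: it audits a copy of the allow list entries against the application VPC CIDR, reporting ranges that are still blocked and entries that admit more than the peered VPC. The function name and all addresses are constructed for illustration.

```python
import ipaddress


def audit_allow_list(app_vpc_cidr, allow_list):
    """Compare allow list entries with the peered application VPC range.

    Returns (uncovered, too_broad):
      uncovered - parts of the application VPC CIDR that no entry admits
      too_broad - entries that contain the whole VPC plus addresses outside it
    """
    app = ipaddress.ip_network(app_vpc_cidr)
    # strict=False accepts entries written with host bits set, e.g. 10.20.0.5/16
    entries = [ipaddress.ip_network(e, strict=False) for e in allow_list]
    entries = [e for e in entries if e.version == app.version]

    # A strict supernet of the VPC range also admits hosts outside the peered VPC.
    too_broad = [str(e) for e in entries if app.subnet_of(e) and e != app]

    # CIDR blocks are either disjoint or nested, so carve each entry out of
    # whatever part of the VPC range is still unaccounted for.
    remaining = [app]
    for entry in entries:
        still_open = []
        for block in remaining:
            if block.subnet_of(entry):
                continue                       # block fully admitted
            if entry.subnet_of(block):
                still_open.extend(block.address_exclude(entry))
            else:
                still_open.append(block)       # entry does not touch block
        remaining = still_open

    uncovered = [str(n) for n in ipaddress.collapse_addresses(remaining)]
    return uncovered, too_broad


if __name__ == "__main__":
    # Constructed sample: application VPC and a partially filled allow list.
    app_vpc = "10.20.0.0/16"
    allow = ["10.20.0.0/17", "10.20.128.0/18", "203.0.113.7/32"]
    gaps, broad = audit_allow_list(app_vpc, allow)
    print("uncovered ranges:", gaps)
    print("entries wider than the VPC:", broad)
```
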

VPCs and peering connections are managed on the VPC Network tab of the Networking page.

Note

To connect a cluster to an application VPC using either a peering connection or a private service endpoint, you need to deploy the cluster in a dedicated VPC. You need to set up the dedicated VPC before deploying your cluster.

VPC networking is not supported in Sandbox clusters.