Enable Private Network Egress
Astro supports Private Network Egress Mode for dedicated AWS clusters to ensure security and compliance, and to provide a data loss protection architecture to secure against unauthorized data transfer.
Enabling Private Network Egress Mode disables public internet connectivity from your Astro Deployments and makes private networking connections required to connect to external data services and external endpoints for Metrics Export. With Private Network Egress enabled, exports to public observability platforms like Grafana Cloud will be impacted.
An icon on Deployments and Deployment details pages indicate when a Deployment is on a cluster with Private Network Egress enabled.
Enable or disable Private Network Egress Mode for a cluster
Private Network Egress Mode can be enabled for new and existing dedicated AWS clusters.
- In the Organization section of the Astro UI, click Clusters.
- Configure the egress mode:
- For an existing dedicated cluster, click the cluster you want to edit. Then, enable Private Network Egress Mode in the Cluster Details.
- For a new dedicated cluster, click Add cluster and then enable Private Network Egress Mode in the Network Egress Management section during the initial configuration of the cluster.