Configure PrivateLink

Configure PrivateLink to connect with Guidewire Cloud.

About this task

Note: The following procedure is an example, provided primarily for reference. Your configuration may require additional setup. For more specific guidance, consult your network manager.

Procedure

  1. Create the necessary security groups to attach to the PrivateLink VPC endpoint.
    1. In the AWS VPC dashboard sidebar, select Security groups.
    2. Create the security groups with appropriate inbound rules that authorize your internal client subnets to route traffic through PrivateLink.
    That allows access from the authorized subnets. The security groups must have inbound rules from the client network.
  2. Create a VPC endpoint.
    1. In the AWS VPC dashboard sidebar, select Endpoints.
    2. Select Create endpoint.
    3. For Name tag, enter a name for the endpoint.
    4. Under Service category, select Endpoint services that use NLBs and GWLBs.
    5. In the Service name text box, enter the VPC endpoint service name (VpcEsName) provided to you by Guidewire.
    6. In the VPC drop-down list, select the target VPC.
    7. In the Availability Zones list, select the availability zones provided to you by Guidewire.
    8. In the Security groups list, select the security groups that allow access from the specified availability zone subnets.
    9. Select Create endpoint.
  3. Create a private hosted DNS zone.
    1. In the Amazon Route 53 dashboard, select Hosted Zones
    2. Select Create hosted zone.
    3. For Domain name, enter the fully-qualified domain name of the hosted zone that connects with the Guidewire Cloud quadrant.
      URLs must follow the pattern given in Cloud Platform.
    4. For Type, select Private hosted zone.
    5. Under VPCs to associate with the hosted zone, select the applicable region and VPC.
    6. Select Create hosted zone.
  4. Create a star record for the hosted zone.
    1. On the detail screen for the hosted zone, select Create record.
    2. For Record name, type *.
    3. In the Record type drop-down list, select CNAME.
    4. In the Value text box, enter the DNS record from the VPC endpoint.
      Note: Use the DNS address appearing at the top of the DNS names list for the endpoint.
    5. Select Create records.
  5. Update the Guidewire Cloud with the PrivateLink private IP addresses, as well as the IP address of the individual machine (or subnet for multiple machines) used to connect to PrivateLink, as described in Cloud Platform.