Whitelisting Analytics Engine IPs : Controlling access to external and internal data

Overview

PART 1: ANALYTICS ENGINE API TO GET THE PUBLIC & PRIVATE IPs

curl --request GET \
--url https://api.us-south.ae.cloud.ibm.com/v2/analytics_engines/<<instance_guid>> \
--header 'authorization: Bearer eyJraWQiOiIyMDIwMDMyN<<...>>' \
--header 'content-type : application/json'

PART 2: WHITE LISTING OF PUBLIC IPs OF ANALYTICS ENGINE TO ON-PREM DATA

a. Simulating OnPrem Database

b. Allowed incoming access to port 3306

c. Accessing this data from Analytics Engine instance #1

d. Accessing this data from Analytics Engine instance #2

e. Restricting access to one IPs of one Analytics Engine only

f. Access denied for the second instance of Analytics Engine #2

PART 3: WHITE LISTING OF PRIVATE IPs OF ANALYTICS ENGINE TO IBM COS

a. Accessing COS on the private endpoint from Analytics Engine #1

b. Accessing COS on the private endpoint from Analytics Engine #2

c. Whitelisting Private IPs against bucket in COS

d. Access denied for the Analytics Engine instance #2

CONCLUSION

Senior Consultant, IBM Cloud. Sharing titbits of epiphanies...

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store