Network Access

Consider the following cluster network types when determining the public Internet access configuration for resources that fully-managed connectors must access. For Confluent Cloud networking details, see the Cloud Networking docs.

Important

To use static egress IP addresses, you must be running a multi-tenant or Dedicated cluster on AWS and on the public Internet (that is, without VPC peering, Transit Gateway, or AWS PrivateLink).

Cluster types and connectivity

The following tabs provide network connectivity details for managed connectors. For Confluent Cloud networking details, see the Cloud Networking docs.

The following information applies to a managed Sink or Source connector connecting to an external system using a public IP address.

Cluster network type Public IP address connectivity IP range used by the connector
Public Endpoint (AWS) Yes Fixed set of static egress IP addresses (see static egress IP addresses)
Public Endpoint (Azure and Google Cloud) Yes Dynamic public IP/CIDR range from the cloud provider region where the Confluent Cloud cluster is located
VPC Peering and Transit Gateway Yes Dynamic public IP/CIDR range from the cloud provider region where the Confluent Cloud cluster is located
Private Link Yes Dynamic public IP/CIDR range from the cloud provider region where the Confluent Cloud cluster is located

DNS considerations

Fully qualified domain names: Some services require fully qualified domain names (FQDNs) to access the service. In order for a managed connector to access such a service, the service must use public DNS records pointing to the IP address (public or private). Private DNS zones are not supported in Confluent Cloud.

Private service endpoints: Cloud service providers offer the ability to set up private endpoints with custom or vanity DNS names for native cloud provider services. Private endpoints are only supported if the provider supports resolving the endpoints using public DNS.