|
| 1 | +--- |
| 2 | +title: Use VPN with Azure Managed Instance for Apache Cassandra |
| 3 | +description: Discover how to secure your cluster with vpn when you use Azure Managed Instance for Apache Cassandra. |
| 4 | +author: IriaOsara |
| 5 | +ms.author: iriaosara |
| 6 | +ms.service: managed-instance-apache-cassandra |
| 7 | +ms.topic: how-to |
| 8 | +ms.date: 02/08/2024 |
| 9 | +ms.devlang: azurecli |
| 10 | + |
| 11 | +--- |
| 12 | +# Use VPN with Azure Managed Instance for Apache Cassandra |
| 13 | + |
| 14 | +By using a VPN with your Azure Managed Instance for Apache Cassandra, you can securely connect our management service and your cluster without making it public. It lets you keep full control over the network where your cluster is located, and it lets you use your own security rules to manage access to your cluster. |
| 15 | + |
| 16 | +> [!IMPORTANT] |
| 17 | +> Using VPN with Azure Managed Instance for Apache Cassandra is in public preview. |
| 18 | +> This feature is provided without a service level agreement, and it's not recommended for production workloads. |
| 19 | +> For more information, see [Supplemental Terms of Use for Microsoft Azure Previews](https://azure.microsoft.com/support/legal/preview-supplemental-terms/). |
| 20 | +
|
| 21 | +## How to use VPN with Azure Managed Instance for Apache Cassandra |
| 22 | + |
| 23 | +1. Create a cluster of Cassandra Managed Instance using "VPN" as the value for the `--azure-connection-method` option: |
| 24 | + |
| 25 | + ```bash |
| 26 | + az managed-cassandra cluster create \ |
| 27 | + --cluster-name "vpn-test-cluster" \ |
| 28 | + --resource-group "vpn-test-rg" \ |
| 29 | + --location "eastus2" \ |
| 30 | + --azure-connection-method "VPN" \ |
| 31 | + --initial-cassandra-admin-password "password" |
| 32 | + ``` |
| 33 | + |
| 34 | +1. Use the following command to see the cluster properties. From the output, make a copy of the `privateLinkResourceId` ID: |
| 35 | + |
| 36 | + ```bash |
| 37 | + az managed-cassandra cluster show \ |
| 38 | + --resource-group "vpn-test-rg" \ |
| 39 | + --cluster-name "vpn-test-cluster" |
| 40 | + ``` |
| 41 | + |
| 42 | +1. On the portal, [create a private endpoint](../cosmos-db/how-to-configure-private-endpoints.md) |
| 43 | + 1. On the Resource tab, select "Connect to an Azure resource by resource ID or alias." as the connection method and `Microsoft.Network/privateLinkServices` as the resource type. Enter the `privateLinkResourceId` from step (2). |
| 44 | + 1. On the Virtual Network tab, select your virtual network's subnet and make sure to select the option for "Statically allocate IP address." |
| 45 | + 1. Validate and create. |
| 46 | +
|
| 47 | + > [!NOTE] |
| 48 | + > At the moment, the connection between our management service and your private endpoint requires the Azure Managed Instance for Apache Cassandra team [email protected] to approve it. |
| 49 | + |
| 50 | +1. Get the IP address of your private endpoint NIC. |
| 51 | +
|
| 52 | +1. Create a new data center using the IP address from (5) as the `--private-endpoint-ip-address` parameter. |
| 53 | +
|
| 54 | +
|
| 55 | +## Next steps |
| 56 | +- Learn about [hybrid cluster configuration](configure-hybrid-cluster.md) in Azure Managed Instance for Apache Cassandra. |
0 commit comments