AWS Virtual PrivateLink Setup

This guide illustrates configuring an AWS Virtual PrivateLink (VPL) between your company VPC and Fiddler Cloud environment to establish secure communication channels.

Prerequisites

• AWS account with VPC access

• Fiddler-provided service name

• Fiddler-provided DNS name

• VPC CIDR range information

• Appropriate AWS IAM permissions to create VPC endpoints

Step 1: Navigate to the AWS VPC Console

1. Log in to your AWS Management Console

2. Navigate to the VPC service

3. In the left navigation panel, click on "Endpoints"

4. Click the Create endpoint button

Step 2: Configure the Fiddler Endpoint Service

1. Enter a descriptive name tag for your endpoint

2. Select "PrivateLink Ready partner services" from the service categories

3. Enter the Fiddler-provided service name

4. Click Verify Service to confirm the service details

Step 3: Select VPC and Subnets

1. Select your VPC from the dropdown

2. Choose all subnets where your client applications are running

3. Ensure the selected subnets have appropriate routing within your VPC to the endpoint

Step 4: Configure Security Group

1. Create a new security group if one doesn't exist

2. Add an inbound rule to allow:

   • Port: 443 (HTTPS)

   • Source: Your VPC CIDR range

3. Select the security group ID to associate with the endpoint

Example security group configuration:

• Inbound rule: TCP 443 from VPC CIDR

• Outbound rule: All traffic (default)

Step 5: Create the Endpoint

1. Review all configuration settings

2. Click Create endpoint to initiate the endpoint creation

3. Wait for the endpoint status to change to "Available"

Step 6: Configure Private DNS

1. Select the newly created endpoint

2. From the Actions menu, choose "Modify private DNS name"

3. Enable private DNS names by checking the "Enable for this endpoint" checkbox

4. Important: The private DNS name will be in the format: <customer-subdomain>.cloud.fiddler.ai

   • Example: If your company name is "acme", the DNS name would be acme.cloud.fiddler.ai

5. Click Save changes

Step 7: Verify Configuration

1. Wait for the endpoint status to show as "Available"

2. Verify that the private DNS name is enabled

3. Confirm the security group rules are properly configured

Step 8: Access Fiddler

Once the configuration is complete, you can access the Fiddler UI within your VPC using the configured DNS name:

https://<customer-subdomain>.cloud.fiddler.ai

Troubleshooting

If you encounter issues:

• Verify the endpoint status in the AWS console

• Check security group rules and network ACLs

• Confirm DNS resolution within your VPC

• Contact Fiddler support with your endpoint ID and any error messages

Next Steps

• For automated setup, see the AWS VPC Endpoint Automation Script

• Configure your applications to use the private endpoint

• Set up monitoring for the VPL connection

• Review security best practices