AWS Integrations – Generating a PrivateLink Endpoint

A quick walkthrough demonstrating the creation of a PrivateLink Endpoint in an AWS VPC.

Steps

  1. Make sure you are subscribed to the Kaleido service through the AWS Marketplace before continuing.
  2. Access the Kaleido console and open the Feedback tool. Select Other as the purpose of the inquiry and in the body of the request supply your AWS Account ID and a short sentence requesting access to the Kaleido PrivateLink endpoint service. Kaleido requires your AWS Account ID in order to whitelist your AWS Organization and expose the service.
  3. Wait for a confirmation from the Kaleido support center. Once the private endpoint service has been enabled, you can proceed to create the endpoint.
  4. Log in to the AWS console and navigate to the VPC service.
  5. Click Your VPCs in the navigation panel and verify that both DNS resolution and DNS hostnames are enabled for the target VPC. If they are not, the settings can be changed using the Actions drop-down menu at the top of the page.
  6. Click Endpoints in the VPC navigation panel.
  7. Click the Create Endpoint button at the top of the screen.
  8. In the Service Category section, select Your AWS Marketplace services.
  9. Select the regional entry ending in .kaleido. You should see an entry name similar to com.amazonaws.vpce.us-east-2.kaleido within the table. Note that the AWS region in the name may differ depending on the hosting location of your VPC.
  10. Remain on this screen and use the VPC dropdown menu to select the intended target VPC for this endpoint (this should be the one configured for DNS in the previous steps).
  11. Select the Availability Zones (AZs) and corresponding subnets to enable the endpoint for. It is recommended that you select all that are available for your target VPC.
  12. Verify that Enable Private DNS Name is selected for the endpoint.
  13. Lastly, select the appropriate Security Group or create a new one if needed.
  14. Click Create endpoint to provision the private interface.
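
A post-creation check of the settings from the steps above, as an added example that is not part of the original article or Kaleido's own tooling. The function name `audit_endpoint` is hypothetical, the input dicts follow the JSON shape printed by the AWS CLI commands named in the docstring, and every sample ID is constructed.

```python
# Added example: audits one endpoint against the walkthrough's settings.
# Input dicts mirror the JSON printed by the AWS CLI commands named below.

def audit_endpoint(endpoint, dns_support, dns_hostnames, vpc_subnets):
    """Return findings; an empty list means the endpoint matches the steps.

    endpoint      -- one item of `aws ec2 describe-vpc-endpoints`
    dns_support   -- `aws ec2 describe-vpc-attribute --attribute enableDnsSupport`
    dns_hostnames -- same command with `--attribute enableDnsHostnames`
    vpc_subnets   -- "Subnets" list of `aws ec2 describe-subnets` for the VPC
    """
    findings = []
    if not dns_support["EnableDnsSupport"]["Value"]:
        findings.append("step 5: DNS resolution is disabled on the VPC")
    if not dns_hostnames["EnableDnsHostnames"]["Value"]:
        findings.append("step 5: DNS hostnames are disabled on the VPC")
    if not endpoint["ServiceName"].endswith(".kaleido"):
        findings.append("step 9: service name does not end in .kaleido")
    # Step 11 recommends covering every AZ that has a subnet in the VPC.
    az_of = {s["SubnetId"]: s["AvailabilityZone"] for s in vpc_subnets}
    covered = {az_of[s] for s in endpoint.get("SubnetIds", []) if s in az_of}
    for az in sorted(set(az_of.values()) - covered):
        findings.append(f"step 11: no endpoint subnet in {az}")
    if not endpoint.get("PrivateDnsEnabled", False):
        findings.append("step 12: private DNS name is not enabled")
    if not endpoint.get("Groups"):
        findings.append("step 13: no security group is attached")
    return findings

# Constructed sample data (not real resource IDs).
SAMPLE_ENDPOINT = {
    "VpcEndpointId": "vpce-0example",
    "ServiceName": "com.amazonaws.vpce.us-east-2.kaleido",
    "PrivateDnsEnabled": False,
    "SubnetIds": ["subnet-a"],
    "Groups": [{"GroupId": "sg-0example", "GroupName": "kaleido-endpoint"}],
}
SAMPLE_DNS_SUPPORT = {"EnableDnsSupport": {"Value": True}}
SAMPLE_DNS_HOSTNAMES = {"EnableDnsHostnames": {"Value": False}}
SAMPLE_SUBNETS = [
    {"SubnetId": "subnet-a", "AvailabilityZone": "us-east-2a"},
    {"SubnetId": "subnet-b", "AvailabilityZone": "us-east-2b"},
]

if __name__ == "__main__":
    for finding in audit_endpoint(SAMPLE_ENDPOINT, SAMPLE_DNS_SUPPORT,
                                  SAMPLE_DNS_HOSTNAMES, SAMPLE_SUBNETS):
        print(finding)
```
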