From d550c687f9b4d63c5da3d6383b77894f91d31afd Mon Sep 17 00:00:00 2001 From: micheleRP Date: Wed, 7 Jan 2026 20:26:48 -0700 Subject: [PATCH 1/7] DOC-1348: Document cross-region AWS PrivateLink feature MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add supported_regions field to aws_private_link configuration examples - Add new Cross-region PrivateLink section with requirements and usage - Update requirements to note cross-region option - Add cross-region note to Cloud UI page with link to API docs - Add supported_regions to Terraform provider example - Add What's New entry for January 2026 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 # Conflicts: # modules/get-started/pages/whats-new-cloud.adoc # Conflicts: # modules/get-started/pages/whats-new-cloud.adoc --- .../get-started/pages/whats-new-cloud.adoc | 6 ++ modules/manage/pages/terraform-provider.adoc | 1 + modules/networking/pages/aws-privatelink.adoc | 62 +++++++++++++++++-- .../configure-privatelink-in-cloud-ui.adoc | 2 +- 4 files changed, 66 insertions(+), 5 deletions(-) diff --git a/modules/get-started/pages/whats-new-cloud.adoc b/modules/get-started/pages/whats-new-cloud.adoc index db4d78403..5ab7e770b 100644 --- a/modules/get-started/pages/whats-new-cloud.adoc +++ b/modules/get-started/pages/whats-new-cloud.adoc @@ -6,6 +6,12 @@ This page lists new features added to Redpanda Cloud. +== February 2026 + +=== Cross-region AWS PrivateLink + +AWS PrivateLink now supports cross-region connectivity, allowing clients in different AWS regions to connect to your Redpanda cluster through PrivateLink. Configure the `supported_regions` field in your `aws_private_link` settings to specify which regions can establish PrivateLink connections. This feature requires multi-AZ cluster deployments. See xref:networking:aws-privatelink.adoc#cross-region-privatelink[Cross-region PrivateLink]. + == January 2026 === Redpanda Connect updates diff --git a/modules/manage/pages/terraform-provider.adoc b/modules/manage/pages/terraform-provider.adoc index d3a759d52..ffe98f20b 100644 --- a/modules/manage/pages/terraform-provider.adoc +++ b/modules/manage/pages/terraform-provider.adoc @@ -354,6 +354,7 @@ resource "redpanda_cluster" "test" { enabled = true connect_console = true allowed_principals = ["arn:aws:iam::123456789024:root"] + supported_regions = ["us-east-1", "us-west-2"] # Optional: Enable cross-region PrivateLink } tags = { "environment" = "dev" diff --git a/modules/networking/pages/aws-privatelink.adoc b/modules/networking/pages/aws-privatelink.adoc index 039dfc58a..01eac0564 100644 --- a/modules/networking/pages/aws-privatelink.adoc +++ b/modules/networking/pages/aws-privatelink.adoc @@ -22,7 +22,7 @@ After <>, you can <> must be in the same region. +* Your Redpanda cluster and <> must be in the same region, unless you configure <>. * In this guide, you use the link:/api/doc/cloud-controlplane/topic/topic-cloud-api-overview[Redpanda Cloud API] to enable the Redpanda endpoint service for your clusters. Follow the steps below to <>. * Use the https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html[AWS CLI^] to create a new client VPC or modify an existing one to use the PrivateLink endpoint. @@ -93,6 +93,7 @@ In the example below, make sure to set your own values for the following fields: - `name` - `connect_console`: Whether to enable connections to Redpanda Console (boolean) - `allowed_principals`: Amazon Resource Names (ARNs) for the AWS principals allowed to access the endpoint service. For example, for all principals in an account, use `"arn:aws:iam::account_id:root"`. See https://docs.aws.amazon.com/vpc/latest/privatelink/configure-endpoint-service.html#add-remove-permission[Configure an endpoint service^] for details. +- `supported_regions`: (Optional) List of AWS regions from which PrivateLink endpoints can connect to Redpanda. Required only for <>. For example, `["us-east-1", "us-west-2"]`. -- + [,bash] @@ -112,7 +113,8 @@ CLUSTER_POST_BODY=`cat << EOF "aws_private_link": { "enabled": true, "connect_console": true, - "allowed_principals": ["",""] + "allowed_principals": ["",""], + "supported_regions": ["",""] } } } @@ -158,6 +160,7 @@ In the example below, make sure to set your own value for the following field: -- - `connect_console`: Whether to enable connections to Redpanda Console (boolean) - `allowed_principals`: Amazon Resource Names (ARNs) for the AWS principals allowed to access the endpoint service. For example, for all principals in an account, use `"arn:aws:iam::account_id:root"`. See https://docs.aws.amazon.com/vpc/latest/privatelink/configure-endpoint-service.html#add-remove-permission[Configure an endpoint service^] for details. +- `supported_regions`: (Optional) List of AWS regions from which PrivateLink endpoints can connect to Redpanda. Required only for <>. For example, `["us-east-1", "us-west-2"]`. -- + [,bash] @@ -167,7 +170,8 @@ CLUSTER_PATCH_BODY=`cat << EOF "aws_private_link": { "enabled": true, "connect_console": true, - "allowed_principals": ["",""] + "allowed_principals": ["",""], + "supported_regions": ["",""] } } EOF` @@ -234,7 +238,7 @@ xref:networking:byoc/aws/vpc-peering-aws.adoc[VPC peering] and PrivateLink will VPC peering and PrivateLink can both be used at the same time if Kafka clients are connecting from distinct VPCs. For example, in a private Redpanda cluster, you can connect your internal Kafka clients over VPC peering, and enable PrivateLink for external services. ==== -The VPC region must be the same region where the Redpanda cluster is deployed. To create the VPC, run: +The client VPC must be in the same region as your Redpanda cluster, unless you have configured <>. To create the VPC, run: [,bash] ---- @@ -346,6 +350,56 @@ After you have enabled PrivateLink for your cluster, your connection URLs are av include::networking:partial$private-links-access-rp-services-through-vpc.adoc[] +== Cross-region PrivateLink + +By default, AWS PrivateLink only allows connections from VPCs in the same region as the endpoint service. Cross-region PrivateLink enables clients in different AWS regions to connect to your Redpanda cluster through PrivateLink. + +For more information about AWS cross-region PrivateLink support, see the https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html#endpoint-service-cross-region[AWS documentation^]. + +=== Requirements + +* The Redpanda cluster must be deployed across multiple Availability Zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. +* Cross-region PrivateLink is configured through the `supported_regions` field in the `aws_private_link` configuration. + +=== Configure cross-region PrivateLink + +To enable cross-region PrivateLink, add the `supported_regions` field to your `aws_private_link` configuration when <> or <>. + +The `supported_regions` field accepts a list of AWS region identifiers where you want to allow PrivateLink connections from. For example: + +[,json] +---- +"aws_private_link": { + "enabled": true, + "connect_console": true, + "allowed_principals": ["arn:aws:iam::123456789012:root"], + "supported_regions": ["us-east-1", "us-west-2", "eu-west-1"] +} +---- + +With this configuration, clients in VPCs located in `us-east-1`, `us-west-2`, and `eu-west-1` can create PrivateLink endpoints that connect to your Redpanda cluster, regardless of which region the cluster is deployed in. + +=== Create a cross-region VPC endpoint + +When creating a VPC endpoint in a different region than your Redpanda cluster, use the same process as <>, but specify the client VPC's region: + +[,bash] +---- +# CLIENT_REGION is the region where your client VPC is located +# This can be different from the Redpanda cluster region +CLIENT_REGION= + +aws ec2 create-vpc-endpoint \ + --region $CLIENT_REGION --profile $PROFILE \ + --vpc-id $CLIENT_VPC_ID \ + --vpc-endpoint-type "Interface" \ + --ip-address-type "ipv4" \ + --service-name $PL_SERVICE_NAME \ + --subnet-ids $SUBNET_ID \ + --security-group-ids $SECURITY_GROUP_ID \ + --private-dns-enabled +---- + == Test the connection You can test the PrivateLink connection from any VM or container in the consumer VPC. If configuring a client isn't possible right away, you can do these checks using `rpk` or cURL: diff --git a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc index 88fa75806..237e8d831 100644 --- a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc +++ b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc @@ -18,7 +18,7 @@ Consider using the endpoint service if you have multiple VPCs and could benefit == Requirements -* Your Redpanda cluster and VPC must be in the same region. +* Your Redpanda cluster and VPC must be in the same region. For cross-region PrivateLink connectivity, use the xref:networking:aws-privatelink.adoc#cross-region-privatelink[Cloud API]. * Use the https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html[AWS CLI] to create a new client VPC or modify an existing one to use the PrivateLink endpoint. TIP: In Kafka clients, set `connections.max.idle.ms` to a value less than 350 seconds. From 0c29974cb036d242d906cb4b4370f23131fe4abf Mon Sep 17 00:00:00 2001 From: micheleRP Date: Wed, 7 Jan 2026 20:55:45 -0700 Subject: [PATCH 2/7] DOC-1348: Add Cloud UI documentation for cross-region PrivateLink MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add cross-region PrivateLink section to Cloud UI docs - Include UI steps for configuring supported regions - Update What's New to reference both UI and API docs 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .../get-started/pages/whats-new-cloud.adoc | 2 +- .../configure-privatelink-in-cloud-ui.adoc | 28 +++++++++++++++++-- 2 files changed, 26 insertions(+), 4 deletions(-) diff --git a/modules/get-started/pages/whats-new-cloud.adoc b/modules/get-started/pages/whats-new-cloud.adoc index 5ab7e770b..5551f84ec 100644 --- a/modules/get-started/pages/whats-new-cloud.adoc +++ b/modules/get-started/pages/whats-new-cloud.adoc @@ -10,7 +10,7 @@ This page lists new features added to Redpanda Cloud. === Cross-region AWS PrivateLink -AWS PrivateLink now supports cross-region connectivity, allowing clients in different AWS regions to connect to your Redpanda cluster through PrivateLink. Configure the `supported_regions` field in your `aws_private_link` settings to specify which regions can establish PrivateLink connections. This feature requires multi-AZ cluster deployments. See xref:networking:aws-privatelink.adoc#cross-region-privatelink[Cross-region PrivateLink]. +AWS PrivateLink now supports cross-region connectivity, allowing clients in different AWS regions to connect to your Redpanda cluster through PrivateLink. Configure supported regions in the xref:networking:configure-privatelink-in-cloud-ui.adoc#cross-region-privatelink[Cloud UI] or using the xref:networking:aws-privatelink.adoc#cross-region-privatelink[Cloud API] to specify which regions can establish PrivateLink connections. This feature requires multi-AZ cluster deployments. == January 2026 diff --git a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc index 237e8d831..0985d7e37 100644 --- a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc +++ b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc @@ -18,7 +18,7 @@ Consider using the endpoint service if you have multiple VPCs and could benefit == Requirements -* Your Redpanda cluster and VPC must be in the same region. For cross-region PrivateLink connectivity, use the xref:networking:aws-privatelink.adoc#cross-region-privatelink[Cloud API]. +* Your Redpanda cluster and VPC must be in the same region, unless you configure <>. * Use the https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html[AWS CLI] to create a new client VPC or modify an existing one to use the PrivateLink endpoint. TIP: In Kafka clients, set `connections.max.idle.ms` to a value less than 350 seconds. @@ -31,8 +31,9 @@ include::networking:partial$dns_resolution.adoc[] . In the Redpanda Cloud UI, select your https://cloud.redpanda.com/clusters[cluster^], and go to the *Cluster settings* page. . For AWS PrivateLink, click *Enable*. -. On the Enable PrivateLink page, for Allowed principal ARNs, click *Add*, and enter the Amazon Resource Names (ARNs) for each AWS principal allowed to access the endpoint service. For example, for all principals in a specific account, use `arn:aws:iam:::root`. See the AWS documentation on https://docs.aws.amazon.com/vpc/latest/privatelink/configure-endpoint-service.html#add-remove-permission[configuring an endpoint service^] for details. -. Click *Add* after entering each ARN, and when finished, click *Enable*. +. On the Enable PrivateLink page, for Allowed principal ARNs, click *Add*, and enter the Amazon Resource Names (ARNs) for each AWS principal allowed to access the endpoint service. For example, for all principals in a specific account, use `arn:aws:iam:::root`. See the AWS documentation on https://docs.aws.amazon.com/vpc/latest/privatelink/configure-endpoint-service.html#add-remove-permission[configuring an endpoint service^] for details. +. Click *Add* after entering each ARN, and when finished, click *Enable*. +. (Optional) To enable <>, add supported regions. See <>. . It may take several minutes for your cluster to update. When the update is complete, the AWS PrivateLink status on the Cluster settings page changes from *In progress* to *Enabled*. NOTE: For help with issues when enabling PrivateLink, contact https://support.redpanda.com/hc/en-us/requests/new[Redpanda support^]. @@ -49,6 +50,27 @@ You can test the connection to the endpoint service from any VM or container in include::networking:partial$private-links-test-connection.adoc[] +== Cross-region PrivateLink + +By default, AWS PrivateLink only allows connections from VPCs in the same region as the endpoint service. Cross-region PrivateLink enables clients in different AWS regions to connect to your Redpanda cluster through PrivateLink. + +For more information about AWS cross-region PrivateLink support, see the https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html#endpoint-service-cross-region[AWS documentation^]. + +=== Requirements + +* The Redpanda cluster must be deployed across multiple Availability Zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. + +=== Configure supported regions + +. In the Redpanda Cloud UI, select your https://cloud.redpanda.com/clusters[cluster^], and go to the *Cluster settings* page. +. In the AWS PrivateLink section, click *Edit* (or *Enable* if PrivateLink is not yet enabled). +. In the *Supported regions* section, click *Add* to add a region from which PrivateLink endpoints can connect to your cluster. +. Select an AWS region from the dropdown. The cluster's home region is automatically included and not shown in the list. +. Repeat to add additional regions as needed. +. Click *Save* (or *Enable*) to apply the changes. + +Clients in VPCs located in the supported regions can now create PrivateLink endpoints that connect to your Redpanda cluster. + == Disable endpoint service On the Cluster settings page for the cluster, click *Disable* for PrivateLink. Existing connections are closed after the AWS PrivateLink service is disabled. To connect using PrivateLink again, you must re-enable the service. From 0a87961733b19b8be9782cf8822523ca78ba241d Mon Sep 17 00:00:00 2001 From: micheleRP Date: Wed, 7 Jan 2026 20:57:28 -0700 Subject: [PATCH 3/7] DOC-1348: Add note that supported regions only appears for multi-AZ clusters MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- .../networking/pages/configure-privatelink-in-cloud-ui.adoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc index 0985d7e37..a74fe61eb 100644 --- a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc +++ b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc @@ -62,6 +62,8 @@ For more information about AWS cross-region PrivateLink support, see the https:/ === Configure supported regions +NOTE: The *Supported regions* option only appears in the UI for multi-AZ clusters. + . In the Redpanda Cloud UI, select your https://cloud.redpanda.com/clusters[cluster^], and go to the *Cluster settings* page. . In the AWS PrivateLink section, click *Edit* (or *Enable* if PrivateLink is not yet enabled). . In the *Supported regions* section, click *Add* to add a region from which PrivateLink endpoints can connect to your cluster. @@ -69,6 +71,8 @@ For more information about AWS cross-region PrivateLink support, see the https:/ . Repeat to add additional regions as needed. . Click *Save* (or *Enable*) to apply the changes. +After saving, the *Supported regions* row on the Cluster settings page displays your configured regions. + Clients in VPCs located in the supported regions can now create PrivateLink endpoints that connect to your Redpanda cluster. == Disable endpoint service From 289f4af426717499bb9c41885655c9312dcc4a98 Mon Sep 17 00:00:00 2001 From: micheleRP Date: Wed, 7 Jan 2026 21:17:49 -0700 Subject: [PATCH 4/7] style edits --- modules/networking/pages/aws-privatelink.adoc | 2 +- modules/networking/pages/configure-privatelink-in-cloud-ui.adoc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/modules/networking/pages/aws-privatelink.adoc b/modules/networking/pages/aws-privatelink.adoc index 01eac0564..d9652ac7c 100644 --- a/modules/networking/pages/aws-privatelink.adoc +++ b/modules/networking/pages/aws-privatelink.adoc @@ -358,7 +358,7 @@ For more information about AWS cross-region PrivateLink support, see the https:/ === Requirements -* The Redpanda cluster must be deployed across multiple Availability Zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. +* The Redpanda cluster must be deployed across multiple availability zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. * Cross-region PrivateLink is configured through the `supported_regions` field in the `aws_private_link` configuration. === Configure cross-region PrivateLink diff --git a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc index a74fe61eb..394dbdd9d 100644 --- a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc +++ b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc @@ -58,7 +58,7 @@ For more information about AWS cross-region PrivateLink support, see the https:/ === Requirements -* The Redpanda cluster must be deployed across multiple Availability Zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. +* The Redpanda cluster must be deployed across multiple availability zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. === Configure supported regions From 3931cea7748a46cac828abce04aae8929168d98d Mon Sep 17 00:00:00 2001 From: micheleRP Date: Wed, 7 Jan 2026 21:33:27 -0700 Subject: [PATCH 5/7] style edit --- modules/networking/pages/configure-privatelink-in-cloud-ui.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc index 394dbdd9d..e26258251 100644 --- a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc +++ b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc @@ -33,7 +33,7 @@ include::networking:partial$dns_resolution.adoc[] . For AWS PrivateLink, click *Enable*. . On the Enable PrivateLink page, for Allowed principal ARNs, click *Add*, and enter the Amazon Resource Names (ARNs) for each AWS principal allowed to access the endpoint service. For example, for all principals in a specific account, use `arn:aws:iam:::root`. See the AWS documentation on https://docs.aws.amazon.com/vpc/latest/privatelink/configure-endpoint-service.html#add-remove-permission[configuring an endpoint service^] for details. . Click *Add* after entering each ARN, and when finished, click *Enable*. -. (Optional) To enable <>, add supported regions. See <>. +. (Optional) To enable cross-region PrivateLink, add supported regions. See <>. . It may take several minutes for your cluster to update. When the update is complete, the AWS PrivateLink status on the Cluster settings page changes from *In progress* to *Enabled*. NOTE: For help with issues when enabling PrivateLink, contact https://support.redpanda.com/hc/en-us/requests/new[Redpanda support^]. From 53aeaab3ea57f48151adf64a55872c305e189c0f Mon Sep 17 00:00:00 2001 From: micheleRP Date: Wed, 14 Jan 2026 16:05:53 -0700 Subject: [PATCH 6/7] incorporate comments from code review --- modules/networking/pages/aws-privatelink.adoc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/modules/networking/pages/aws-privatelink.adoc b/modules/networking/pages/aws-privatelink.adoc index d9652ac7c..ef1cb5fa7 100644 --- a/modules/networking/pages/aws-privatelink.adoc +++ b/modules/networking/pages/aws-privatelink.adoc @@ -359,7 +359,8 @@ For more information about AWS cross-region PrivateLink support, see the https:/ === Requirements * The Redpanda cluster must be deployed across multiple availability zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. -* Cross-region PrivateLink is configured through the `supported_regions` field in the `aws_private_link` configuration. +* Cross-region PrivateLink is configured through the `supported_regions` field in the `aws_private_link` configuration. This field only appears in the API response for multi-AZ clusters. +* For BYOC clusters, the Redpanda agent IAM role must have `vpce:AllowMultiRegion` and `elasticloadbalancing:DescribeListenerAttributes` permissions. === Configure cross-region PrivateLink @@ -381,16 +382,20 @@ With this configuration, clients in VPCs located in `us-east-1`, `us-west-2`, an === Create a cross-region VPC endpoint -When creating a VPC endpoint in a different region than your Redpanda cluster, use the same process as <>, but specify the client VPC's region: +When creating a VPC endpoint in a different region than your Redpanda cluster, use the same process as <>, but specify both the client VPC's region and the service region where your Redpanda cluster is deployed. + +NOTE: The `--service-region` option requires AWS CLI version 2.22.0 or later. Run `aws --version` to check your version and https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html[update if necessary^]. [,bash] ---- # CLIENT_REGION is the region where your client VPC is located -# This can be different from the Redpanda cluster region +# SERVICE_REGION is the region where your Redpanda cluster is deployed CLIENT_REGION= +SERVICE_REGION= aws ec2 create-vpc-endpoint \ --region $CLIENT_REGION --profile $PROFILE \ + --service-region $SERVICE_REGION \ --vpc-id $CLIENT_VPC_ID \ --vpc-endpoint-type "Interface" \ --ip-address-type "ipv4" \ From 72c323da675bc29ade33e17385f7c6d44c8ae446 Mon Sep 17 00:00:00 2001 From: micheleRP Date: Fri, 30 Jan 2026 15:47:10 -0700 Subject: [PATCH 7/7] incorporate doc review feedback --- modules/networking/pages/aws-privatelink.adoc | 2 +- .../networking/pages/configure-privatelink-in-cloud-ui.adoc | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/modules/networking/pages/aws-privatelink.adoc b/modules/networking/pages/aws-privatelink.adoc index ef1cb5fa7..8e12f495a 100644 --- a/modules/networking/pages/aws-privatelink.adoc +++ b/modules/networking/pages/aws-privatelink.adoc @@ -19,7 +19,7 @@ Consider using the PrivateLink endpoint service if you have multiple VPCs and co After <>, you can <>, or you can <>. -== Requirements +== Prerequisites * Install `rpk`. * Your Redpanda cluster and <> must be in the same region, unless you configure <>. diff --git a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc index e26258251..83362917d 100644 --- a/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc +++ b/modules/networking/pages/configure-privatelink-in-cloud-ui.adoc @@ -56,7 +56,7 @@ By default, AWS PrivateLink only allows connections from VPCs in the same region For more information about AWS cross-region PrivateLink support, see the https://docs.aws.amazon.com/vpc/latest/privatelink/privatelink-share-your-services.html#endpoint-service-cross-region[AWS documentation^]. -=== Requirements +=== Prerequisites * The Redpanda cluster must be deployed across multiple availability zones (multi-AZ). This is an AWS limitation for cross-region PrivateLink. @@ -64,14 +64,14 @@ For more information about AWS cross-region PrivateLink support, see the https:/ NOTE: The *Supported regions* option only appears in the UI for multi-AZ clusters. -. In the Redpanda Cloud UI, select your https://cloud.redpanda.com/clusters[cluster^], and go to the *Cluster settings* page. +. In the Redpanda Cloud UI, select your https://cloud.redpanda.com/clusters[cluster^], and go to the cluster settings page. . In the AWS PrivateLink section, click *Edit* (or *Enable* if PrivateLink is not yet enabled). . In the *Supported regions* section, click *Add* to add a region from which PrivateLink endpoints can connect to your cluster. . Select an AWS region from the dropdown. The cluster's home region is automatically included and not shown in the list. . Repeat to add additional regions as needed. . Click *Save* (or *Enable*) to apply the changes. -After saving, the *Supported regions* row on the Cluster settings page displays your configured regions. +After saving, the *Supported regions* row on the cluster settings page displays your configured regions. Clients in VPCs located in the supported regions can now create PrivateLink endpoints that connect to your Redpanda cluster.