Today, we’re excited to announce AWS PrivateLink connectivity for Momento. If you have heard of AWS PrivateLink, it’s probably relevant to your company and you can contact us to learn more! But for those who want to learn more about what this means and why it’s important, read on.
Caching is ubiquitous—and each microservice often sets up its own cache. While this is great for performance and reducing database spend, it presents a governance challenge. Most caches are not secure by default. They don’t have per-request authentication, they don’t require encrypted client sessions, and they require complex configuration to become secure. Momento is secure by default. Our launch of AWS PrivateLink connectivity means enterprises can maintain their data on a private network, adding a robust new layer of security on top of our encrypted transport layer, giving high-compliance, high-scale workloads a more secure experience.
Using AWS PrivateLink with Momento to mount VPC endpoints has several advantages:
VPC endpoints are private
When you mount the VPC endpoint, you will connect to your Momento Cache via an internal private IP address. This ensures no data being sent to Momento ever gets transmitted over a public network. It will appear similar to deploying an internal load balancer in your VPC, but fully managed and backed by Momento.
VPC endpoints are unidirectional
VPC endpoints offer better governance. You can limit connections to be established only via your VPC. There is no way for Momento to establish a connection back into your private network. For high-compliance environments, achieving private connectivity to a service provider while ensuring its not possible to start inbound connections to your network is a powerful control that helps companies keep a more secure and restricted network architecture.
VPC endpoints are cheaper
If you are running a high-bandwidth workload in a private subnet and using NAT gateways to connect out to Momento’s public endpoints, traffic costs can balloon quickly. By using VPC endpoints, you ensure traffic does not need to route through a NAT gateway—translating to network cost savings.
Solving the security problems with legacy caching solutions has always been a promise of the Momento platform. We’re proud to continue delivering on that by offering these benefits to our enterprise customers with the launch of AWS PrivateLink support.
Do you have high-compliance or high-scale needs that require VPC connectivity? Contact us to get started.