Skip to content

Latest commit

 

History

History
24 lines (17 loc) · 3.37 KB

README.md

File metadata and controls

24 lines (17 loc) · 3.37 KB

Connecting to Heroku Postgres from MuleSoft CloudHub via PrivateLink

DISCLAIMER

The author of this article makes any warranties about the completeness, reliability and accuracy of this information. Any action you take upon the information of this website is strictly at your own risk, and the author will not be liable for any losses and damages in connection with the use of the website and the information provided.

Setup procedure

Connecting directly via PrivateLink to a Heroku Postgres from MuleSoft CloudHub is not (yet) supported, however, it’s possible to overcome this limitation using an intermediate AWS VPC.

Connecting to Heroku Postgres from MuleSoft CloudHub via PrivateLink

  1. Follow the procedure described in the article Connecting to a Private or Shield Heroku Postgres Database via PrivateLink to create a PrivateLink to Heroku Postgres and a VPC Endpoint within an AWS VPC. You can use this Terraform project to automate the required tasks. Once created, the VPC endpoint should resolve to a fixed private IP (within the AWS VPC CIDR) via public DNS records
  2. Create an AWS Transit Gateway
  3. Create a Transit Gateway attachment to the AWS VPC created previously (e.g. VPC B - 10.2.0.0/16)
  4. Create a MuleSoft CloudHub VPC (e.g. VPC A - 10.4.0.0/16) where to deploy the applications that need to access the Heroku Postgres and assign it to a specific environment(s) (e.g. Sandbox)
  5. Create a Transit Gateway attachment from CloudHub
  6. Configure the outbound traffic from the MuleSoft CloudHub VPC to the AWS VPC
  7. Edit the AWS VPC (e.g. VPC B - 10.2.0.0/16) routes and add a route to the MuleSoft CloudHub VPC (e.g. VPC A - 10.4.0.0/16) via the Transit Gateway
  8. Configure the MuleSoft Application Database Config to connect to Heroku Postgres and use the VPC Endpoint URL created in step (1) (see here) as the database connection URL
  9. Deploy the MuleSoft Application into the environment (e.g. Sandbox) assigned to the MuleSoft CloudHub VPC and using the same VPC region
  10. Ensure that the MuleSoft Application worker has a private IP within the assigned MuleSoft CloudHub VPC CIDR (e.g. VPC A - 10.4.0.0/16) using dig mule-worker-internal-<application name>.<region>.cloudhub.io (e.g. dig mule-worker-internal-myapp.de-c1.eu1.cloudhub.io)
  11. Check from the logs that the MuleSoft Application worker starts correctly and that the Postgres connection is created without any errors