To integrate Monte Carlo with data warehouses, lakes and BI tools, you will need to enable network connectivity between Monte Carlo's data collector and your non-public resources.
Most setups will use one of the following methods to establish network connectivity:
If integrating with a Redshift cluster our Alpha Network Recommender can help!
Many networking configurations will require knowledge of the source IP used by Monte Carlo's data collector. If Monte Carlo is hosting your data collector on its environment, please reach out to your representative to obtain your dedicated source IP.
If you are hosting the data collector in your own AWS account, please follow these steps to identify the collector's source IP address:
- Sign in to the AWS console in the account where the data collector is deployed.
- Go to CloudFormation > Stacks and click on the data collector's stack. The stack will typically be names "monte-carlo".
- Click the "Outputs" tab and identify the key "PublicIP".
If you govern access to your data resources using IP filtering (e.g. using a firewall, AWS security groups or Snowflake network policies), please add the data collector's source IP address to your whitelist.
If your IP filtering policies specify protocol and port ranges, please make sure to whitelist the protocol and port used by your data resource (e.g. Redshift typically requires TCP over port 5439).
See here for CloudFormation templates that can be used to automate this process and help manage resources as code.
If your data resource (e.g. Redshift, Tableau) resides in a VPC on AWS, the easiest and most recommended way to establish connectivity is via VPC peering.
To set up peering, please follow these steps:
- Identify the VPC in which your data collector resources are hosted (see screenshot below), and the VPC in which your data resource is hosted.
- Follow AWS's peering instructions to peer your VPCs. You may need to update your routing tables to enable communication between the two VPCs.
CIDR block overlaps
VPC peering is not possible when the peered VPCs use overlapping CIDR blocks. If this case emerges, you may choose to use a custom CIDR block for your Monte Carlo data collector. See here for details.
- If your data resource is protected by a security group you will need to enable access from the data collector. This can typically be done by retrieving the data collector's security group by searching for AWS::EC2::SecurityGroup in the stack resources and whitelisting it for the appropriate protocol/port in your resource's security group. See here for additional details.
Interested in networking via PrivateLink? Monte Carlo does have the ability to connect to AWS resources via PrivateLink; if interested, please let your Monte Carlo representative know, and we'd be happy to work with you to get you up and running!
Updated about 1 month ago