Network Connectivity

To integrate Monte Carlo with data warehouses, lakes and BI tools, you will need to enable network connectivity between Monte Carlo's data collector and your non-public resources.

Most setups will use one of the following methods to establish network connectivity:

  1. IP filtering
  2. VPC peering

👍

If integrating with a Redshift cluster our Alpha Network Recommender can help!

Identifying your collector's IP address

Many networking configurations will require knowledge of the source IP used by Monte Carlo's data collector. If Monte Carlo is hosting your data collector on its environment, please reach out to your representative to obtain your dedicated source IP.

If you are hosting the data collector in your own AWS account, please follow these steps to identify the collector's source IP address:

  1. Sign in to the AWS console in the account where the data collector is deployed.
  2. Go to CloudFormation > Stacks and click on the data collector's stack. The stack will typically be names "monte-carlo".
  3. Click the "Outputs" tab and identify the key "PublicIP".
26202620

Finding your data collector's source IP address

IP filtering

If you govern access to your data resources using IP filtering (e.g. using a firewall, AWS security groups or Snowflake network policies), please add the data collector's source IP address to your whitelist.

If your IP filtering policies specify protocol and port ranges, please make sure to whitelist the protocol and port used by your data resource (e.g. Redshift typically requires TCP over port 5439).

VPC peering

📘

See here for CloudFormation templates that can be used to automate this process and help manage resources as code.

If your data resource (e.g. Redshift, Tableau) resides in a VPC on AWS, the easiest and most recommended way to establish connectivity is via VPC peering.

To set up peering, please follow these steps:

  1. Identify the VPC in which your data collector resources are hosted (see screenshot below), and the VPC in which your data resource is hosted.
  2. Follow AWS's peering instructions to peer your VPCs. You may need to update your routing tables to enable communication between the two VPCs.

🚧

CIDR block overlaps

VPC peering is not possible when the peered VPCs use overlapping CIDR blocks. If this case emerges, you may choose to use a custom CIDR block for your Monte Carlo data collector. See here for details.

  1. If your data resource is protected by a security group you will need to enable access from the data collector. This can typically be done by retrieving the data collector's security group by searching for AWS::EC2::SecurityGroup in the stack resources and whitelisting it for the appropriate protocol/port in your resource's security group. See here for additional details.
26322632

Finding your data collector's VPC ID

📘

PrivateLinking

Interested in networking via PrivateLink? Monte Carlo does have the ability to connect to AWS resources via PrivateLink or Managed Endpoints; if interested, please let your Monte Carlo representative know, and we'd be happy to work with you to get you up and running!


Did this page help you?