Connection Options

Last updated on Apr 12, 2024
On This Page

Hevo offers multiple ways to connect to your Source account for ingesting the data. The following options are available to you:

Direct connection

Hevo connects to your Source database or SaaS application directly with the database login credentials, API Keys, or OAuth tokens. This is the easiest way to connect. For database Sources, you can connect directly only if the database is publicly accessible. Refer to the respective Source documents for the steps to configure such Sources.

Secure Shell (SSH) connection

Hevo allows for both SSH and Reverse SSH connections to database Sources. This connection method enhances the security of remote connections when your database is not publicly accessible. To connect to an SSH tunnel server, you must whitelist Hevo’s IP address of the region where your account is created. However, this type of connection may introduce latency in the Pipeline due to encryption and tunneling. Read Connecting Through SSH and Connecting Through Reverse SSH Tunnel for the steps to set up the SSH and Reverse SSH connections, respectively.

Note: SSH connections are available for database Sources only.

Through Amazon Web Services

You can connect through Amazon Web Services (AWS) to your Source and or Destination database inside an AWS Virtual Private Cloud (VPC) using one of the following methods:

  • AWS Transit Gateway Peering: This method facilitates communication to your Source or Destination database via a transit gateway peering attachment. A transit gateway acts as a virtual router, allowing you to manage your network easily if you have multiple VPCs. You can route traffic from various VPCs through a transit gateway to Hevo’s VPC. This connection method enhances data security, as your data does not leave AWS’ network. Read Connecting Through AWS Transit Gateway for the steps to implement this option for your account.

  • AWS VPC Endpoint: This method facilitates a direct connection between your VPC and Hevo’s using an AWS PrivateLink. A VPC endpoint is a virtual device that allows seamless communication between VPCs within the same region. This connection method reduces latency, optimizes data transfer, and enhances data security, as your data does not leave AWS’ network. Read Connecting Through AWS VPC Endpoint for the steps to implement this option for your account.

  • AWS VPC Peering: This method facilitates communication between two VPCs using private IP addresses. This connection method provides optimized network communication, enhanced data security, and reduced network costs, as your data does not leave AWS’ network. Read Connecting Through AWS VPC Peering for the steps to implement this option for your account.

Note: All connection options via AWS are feasible only if your Source and or Destination database is hosted in AWS.

Selecting the Optimal Connection Option for Database Sources

In the case of database Sources, you can consider the following parameters while deciding the connection type:

  • Data Sensitivity: If your database does not contain any sensitive data, you can establish a direct connection between Hevo and the database for optimal data replication. However, for sensitive data, an SSH or one of the VPC connection methods is recommended due to its enhanced encryption and tunneling.

  • Database accessibility: If your database is:

    • Hosted on-premise or on a public cloud network, you can directly connect it to Hevo.

    • Not publicly accessible over the internet, you can set up an SSH connection.

    • Hosted in a VPC different from Hevo, you can set up a connection using one of the AWS VPC methods.

Optimizing the Data Replication for Database Sources

To optimize the Pipeline performance and data replication efficiency for your SaaS or database Source, ensure that your Source database or application is either colocated or geographically closest to the region where you create the Pipeline. For example, create your Pipeline in the US region if your database or application is present in the US region.

Note: Since the data ingestion takes longer than loading, the account is usually set up where your data lies. However, you can optimize on the Source or Destination location, or select a different region altogether.


Revision History

Refer to the following table for the list of key updates made to this page:

Date Release Description of Change
Apr-15-2024 NA - Added content for AWS VPC Endpoint connection option.
- Reorganized the Connection Options overview into subsections.
Apr-08-2024 NA Added the AWS transit gateway peering connection option.
Mar-25-2024 NA Added AWS VPC Peering as a connection option and removed VPC connection.
Apr-14-2023 NA New document.
Was this page helpful?

Tell us what went wrong