Connection modalities
Understanding Prequel's various source and destination connection options
| Connection option | Description |
|---|---|
| Username & password | By default, most sources and destinations are accessed via single-purpose users. These users can be used in combination with other connection options (like SSH tunneling, IP whitelisting, or RBAC accounts) for enhanced security. |
| Service accounts | Where available, Prequel also supports accessing sources and destinations via special purpose service accounts. |
| SSH tunneling | Some sources and destinations are not exposed to the public internet, but are instead accessed via an SSH tunnel through a bastion host in the same VPC. Prequel supports SSH tunneling on sources and destinations that support it. |
| IP whitelisting | Some sources and destinations support enhanced access control by restricting access to an IP whitelist. In most deployments, the Prequel service will be deployed behind a set of static IPs that can be whitelisted for this purpose. |
| Role-based access control (RBAC) accounts | In some cases, the owner of a multi-tenanted source or destination may wish for a given tenant's data to be accessed with a tenant-specific user. For these cases, Prequel supports using tenant-specific users and credentials to access data. Note: using this method will incur additional operational overhead as a new user will need to be generated for each additional connection. |
| Key-Pair | Prequel can generate public/private key pairs, and supported source & destination systems can whitelist the public key for passwordless auth. |
Updated about 15 hours ago