Connection modalities

Understanding Prequel's various source and destination connection options

Connection optionDescription
Username & passwordBy default, most sources and destinations are accessed via single-purpose users. These users can be used in combination with other connection options (like SSH tunneling, IP whitelisting, or RBAC accounts) for enhanced security.
Service accountsWhere available, Prequel also supports accessing sources and destinations via special purpose service accounts.
SSH tunnelingSome sources and destinations are not exposed to the public internet, but are instead accessed via an SSH tunnel through a bastion host in the same VPC. Prequel supports SSH tunneling on sources and destinations that support it.
IP whitelistingSome sources and destinations support enhanced access control by restricting access to an IP whitelist. In most deployments, the Prequel service will be deployed behind a set of static IPs that can be whitelisted for this purpose.
Role-based access control (RBAC) accounts In some cases, the owner of a multi-tenanted source or destination may wish for a given tenant's data to be accessed with a tenant-specific user. For these cases, Prequel supports using tenant-specific users and credentials to access data.

Note: using this method will incur addition operational overhead as a new user will need to be generated for each additional connection.