Overview

The Overview tab displays the connection information for your database service for use with client applications.

Connection details

• Host — Displays the name assigned to your database service at the time of provisioning and the domain name. The format is <DNS name>.<Domain name>, where the DNS name is the service name you assigned in the format <service name>-<suffix>. Tessell generates the suffix.

  Note: Tessell also supports DNS names without the suffix, in the format <servicename>.<Domain name>. To enable this feature, contact Tessell support.

  To modify the DNS name, click the edit button to the right of the hostname. You can also click the copy button to copy the hostname.

  Host name editing is only supported for single-instance services. For HA services, Tessell ensures that this hostname DNS always points to the primary instance. During failovers and switchovers, the platform manages the DNS to point to the correct IP. It is important that all applications and clients use this hostname in their connection strings.

• Connect to — Displays that connections are made to the database.

• Database — Displays the database name you can connect to using the service URL. Copy the database name using the copy button.

• Username — Displays the username for connecting to the database. Copy the username using the copy button.

• Password — Set or reset the password for the username. Specify a new password and click Reset to change it. By default, the password is encrypted. Click the eye icon to view it.

• Port — Displays the port number for your database service. The default port for PostgreSQL is 5432. Copy the port number using the copy button.

• Connection Pool Port — Displays the port number on which PgBouncer listens for pooled connections. The default port is 6432. Applications that want to use connection pooling connect to this port instead of the standard PostgreSQL port.

• Service URL — Displays the complete URL of your database service. Use this URL to connect to your database service from a terminal. Each database service can have one or more instances. Each instance, database, and connection pooler is assigned a different service URL. Copy the URL using the copy button.

CA certificate — Displays that database connections are secured through an SSL certificate. You can view, download, or copy the certificate. This is only available for database services provisioned with the SSL option enabled.

Refresh History — Displayed only for cloned services. Shows the last refreshed date and time.

Publicly accessible — Disabled by default. Public access cannot be enabled if the VPC/VNet is configured for private access only.

1. Click the edit button to change the public access setting.

2. Click Update to apply the changes.

Allowed IP addresses — Lists the client IP addresses from which connection requests are accepted. This provides access only for the database port.

To add or remove a client IP address:

1. Click the edit button. The Update Connectivity window appears.

2. Click + Add current client IP <address> to add your current IP.

3. After editing the list, click Update to apply the changes.

4. You can also whitelist CIDR blocks using this option.

AWS private link — Provides an AWS private link to connect to your database service. Use this private link to connect to the primary instance. In HA instances, it automatically routes to the acting primary instance during switchover.

1. Click the edit button to add, remove, or update the AWS private link. The Private Link dialog box appears.

2. Specify the allowed AWS principal ARNs for endpoint connections. Accepted formats:

   • AWS account: arn:aws:iam::<account-id>:root

   • Specific IAM user: arn:aws:iam::<account-id>:user/<user-name>

   • Specific IAM role: arn:aws:iam::<account-id>:role/<role-name>

3. Click Create. The status changes to Updating. Wait for the service endpoint to appear and make a note of it.

4. Create an interface endpoint using the AWS console:

   1. Open the Amazon VPC console.

   2. In the navigation pane, choose Endpoints, then Create endpoint.

   3. Select Other endpoint services and specify the service endpoint noted above.

   4. Click Verify service.

   5. Select the VPC and subnets, choose IPv4 for IP address type, and click Save.

5. After the endpoint status changes to Available, note the DNS name from the VPC Details tab (the one without a region name).

6. Use this DNS name to connect to your database service.

Azure Private Link — Provides an Azure private link to connect to your database service. Use this private link to connect to the primary instance. In HA instances, it automatically routes to the acting primary instance during switchover. A dedicated private link is required for DR/RR instances.

1. Click the edit button to add the Azure private link. The Private Link window appears.

2. Specify the allowed Azure subscription ID and press Enter.

3. Click Create. Wait for the service endpoint to appear and make a note of it.

4. Create a private endpoint using the Azure portal:

   1. Navigate to Private endpoints and click + Create.

   2. On the Basics tab, choose a resource group, specify a name, and select a region. Click Next.

   3. On the Resource tab, select Connect to an Azure resource by resource ID or alias, specify the service endpoint from the Tessell portal, and click Next.

   4. On the Virtual Network tab, choose a virtual network and subnet. Click Next.

   5. Leave the DNS tab as-is and click Next.

   6. Optionally add tags, then click Create.

5. After Tessell approves your connection request, the connection state changes to Approved.

6. Note the private IP of the private endpoint and use it as the host name in your service URL.

Tags — Displays the key-value pair tags assigned to your database service. A unique tag is assigned at the time of provisioning.

Figure 1: Overview tab