From ed74855dfe92c1f8b0d2ea615a8e750db45c1248 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Fri, 7 Jun 2024 19:19:19 -0400 Subject: [PATCH 01/11] init privatelink --- .../storage/aws-privatelink-beta.md | 61 +++++++++++++++++++ 1 file changed, 61 insertions(+) create mode 100644 src/connections/storage/aws-privatelink-beta.md diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md new file mode 100644 index 0000000000..6600abe558 --- /dev/null +++ b/src/connections/storage/aws-privatelink-beta.md 
@@ -0,0 +1,61 @@ +--- +title: Amazon Web Services PrivateLink +hidden: true +--- + +[Amazon Web Services' PrivateLink](https://aws.amazon.com/privatelink/){:target="_blank”} is an AWS service that provides private connectivity between VPCs without exposing traffic to the public Internet. + +> info "" +> Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. + +During the AWS PrivateLink Private Beta, Segment supports the following integrations: +- Databricks + - [Databricks storage destination](/docs/connections/storage/catalog/databricks/) + - [Databricks Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/databricks-setup/) + - [Databricks Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/databricks-profiles-sync/) +- RDS Postgres + - [RDS Postgres storage destination](/docs/connections/storage/catalog/postgres/) + - [RDS Postgres Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/postgres-setup/) + - [RDS Postgres Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) +- Redshift + - [Redshift storage destination](/docs/connections/storage/catalog/redshift/) + - [Redshift Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/redshift-setup/) + - [Redshift Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) + +## Getting started + +You can set up AWS PrivateLink for [Databricks](), [RDS Postgres], and [Redshift]. + +### Databricks + +> info "Segment recommends reviewing the Databricks documentation before attempting AWS PrivateLink setup" +> The setup required to configure the Databricks PrivateLink integration requires front-end and back-end PrivateLink configuration. 
Review the [Databricks documentation on AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} to ensure you have everything required to set up this configuration before continuing. + +#### Prerequisites + +Before you begin, [reach out to Segment]() and indicate your interest in configuring AWS PrivateLink for Databricks. Segment's engineering team will create a VPC endpoint on your behalf and share the VPC endpoint ID with you. You need information about this VPC endpoint to [Create VPC Endpoints](https://docs.databricks.com/en/security/network/classic/privatelink.html#step-3-register-privatelink-objects){:target="_blank”} in your Databricks instance. + +To configure AWS PrivateLink for Databricks: +- Your Databricks account must be on the [Enterprise pricing tier](https://www.databricks.com/product/pricing/platform-addons){:target="_blank”} and use the [E2 version](https://docs.databricks.com/en/archive/aws/end-of-life-legacy-workspaces.html#e2-architecture){:target="_blank”} of the platform. +- Your Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”} +- You must have the AWS permissions required to [set up a new Databricks workspace](https://docs.databricks.com/en/admin/workspace/create-workspace.html#before-you-begin){:target="_blank”} and [create a VPC](https://docs.aws.amazon.com/vpc/latest/privatelink/getting-started.html#create-vpc-subnets){:target="_blank”} + +> warning "The `us-west-1` region does not support PrivateLink" +> Create a Databricks warehouse in a new region to use PrivateLink. 
+ +### Getting started + +To configure PrivateLink for Databricks, follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. You must create both [front-end and back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connections to integration PrivateLink for Segment. + +### RDS Postgres + +1. Create a Network Load Balancer VPC endpoint service using the instructions in the [Create a service powered by AWS PrivateLink](https://docs.aws.amazon.com/vpc/latest/privatelink/create-endpoint-service.html){:target="_blank”} documentation. +2. [Reach out to Segment]() for more details about Segment's AWS principal. +3. Add the Segment AWS principal as an “Allowed Principal” to consume the service. +4. [Reach out to Segment]() and provide Segment's engineering team with the name of the service that you created above and the region that service is located in. Segment's engineering team provisions a VPC endpoint for the service in the Segment Edge VPC. After creating the VPC, Segment either provides you with private DNS so you can configure the feature in the Segment app or creates an RDS Postgres source or destination on your behalf already configured with the required connection settings. + +### Redshift + +1. [Reach out to Segment]() and let the engineering team know you're interested in configuring AWS PrivateLink for Redshift. Segment's engineering team will then share information with you about Segment’s Edge account and VPC. +2. After you receive information from Segment about the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. +3. 
Segment creates a Redshift managed VPC endpoint within a Redshift subnet on your behalf, which creates an internal PrivateLink Endpoint URL. Segment will provide you with this URL, which you need to configure your Warehouse in the Segment app. From 4ce0adb48d53714555e6da490944b7c24f395e08 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Tue, 11 Jun 2024 11:54:19 -0400 Subject: [PATCH 02/11] Update aws-privatelink-beta.md --- src/connections/storage/aws-privatelink-beta.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index 6600abe558..e33a2ca26f 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md 
@@ -3,10 +3,10 @@ title: Amazon Web Services PrivateLink hidden: true --- -[Amazon Web Services' PrivateLink](https://aws.amazon.com/privatelink/){:target="_blank”} is an AWS service that provides private connectivity between VPCs without exposing traffic to the public Internet. +[Amazon Web Services' PrivateLink](https://aws.amazon.com/privatelink/){:target="_blank”} is an AWS service that provides private connectivity between VPCs without exposing traffic to the public Internet. Keeping traffic in the Amazon network reduces the data security risk associated with exposing your Warehouse traffic to the Internet. > info "" -> Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. +> Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. During the AWS PrivateLink Private Beta, Segment supports the following integrations: - Databricks @@ -24,7 +24,7 @@ During the AWS PrivateLink Private Beta, Segment supports the following integrat ## Getting started -You can set up AWS PrivateLink for [Databricks](), [RDS Postgres], and [Redshift]. +You can set up AWS PrivateLink for [Databricks](#databricks), [RDS Postgres](#rds-postgres), and [Redshift](#redshift). ### Databricks From 16bed9013eda4acfd9475ede09e531513461c111 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Thu, 13 Jun 2024 14:28:56 -0400 Subject: [PATCH 03/11] Update aws-privatelink-beta.md --- .../storage/aws-privatelink-beta.md | 43 ++++++++++--------- 1 file changed, 22 insertions(+), 21 deletions(-) 
diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index e33a2ca26f..526e7b03c8 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md 
@@ -6,21 +6,7 @@ hidden: true [Amazon Web Services' PrivateLink](https://aws.amazon.com/privatelink/){:target="_blank”} is an AWS service that provides private connectivity between VPCs without exposing traffic to the public Internet. Keeping traffic in the Amazon network reduces the data security risk associated with exposing your Warehouse traffic to the Internet. > info "" -> Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. - -During the AWS PrivateLink Private Beta, Segment supports the following integrations: -- Databricks - - [Databricks storage destination](/docs/connections/storage/catalog/databricks/) - - [Databricks Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/databricks-setup/) - - [Databricks Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/databricks-profiles-sync/) -- RDS Postgres - - [RDS Postgres storage destination](/docs/connections/storage/catalog/postgres/) - - [RDS Postgres Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/postgres-setup/) - - [RDS Postgres Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) -- Redshift - - [Redshift storage destination](/docs/connections/storage/catalog/redshift/) - - [Redshift Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/redshift-setup/) - - [Redshift Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) +> Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. 
You might incur additional networking costs while using AWS PrivateLink. ## Getting started 
@@ -33,19 +19,26 @@ You can set up AWS PrivateLink for [Databricks](#databricks), [RDS Postgres](#rd #### Prerequisites -Before you begin, [reach out to Segment]() and indicate your interest in configuring AWS PrivateLink for Databricks. Segment's engineering team will create a VPC endpoint on your behalf and share the VPC endpoint ID with you. You need information about this VPC endpoint to [Create VPC Endpoints](https://docs.databricks.com/en/security/network/classic/privatelink.html#step-3-register-privatelink-objects){:target="_blank”} in your Databricks instance. - -To configure AWS PrivateLink for Databricks: +Before you can configure AWS PrivateLink for Databricks: - Your Databricks account must be on the [Enterprise pricing tier](https://www.databricks.com/product/pricing/platform-addons){:target="_blank”} and use the [E2 version](https://docs.databricks.com/en/archive/aws/end-of-life-legacy-workspaces.html#e2-architecture){:target="_blank”} of the platform. - Your Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”} -- You must have the AWS permissions required to [set up a new Databricks workspace](https://docs.databricks.com/en/admin/workspace/create-workspace.html#before-you-begin){:target="_blank”} and [create a VPC](https://docs.aws.amazon.com/vpc/latest/privatelink/getting-started.html#create-vpc-subnets){:target="_blank”} +- You must have the AWS permissions required to [set up a new Databricks workspace](https://docs.databricks.com/en/admin/workspace/create-workspace.html#before-you-begin){:target="_blank”} and [create a VPC](https://docs.aws.amazon.com/vpc/latest/privatelink/getting-started.html#create-vpc-subnets){:target="_blank”} +- You must have a technical parter in your organization to support the 
PrivateLink integration. +- -> warning "The `us-west-1` region does not support PrivateLink" +> warning "Only warehouses in the `us-east-1` region support Segment's PrivateLink integration" > Create a Databricks warehouse in a new region to use PrivateLink. ### Getting started -To configure PrivateLink for Databricks, follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. You must create both [front-end and back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connections to integration PrivateLink for Segment. +To configure PrivateLink for Databricks, follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. You must create a [back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connection to integrate with Segment's front-end connection. + +After you've configured a back-end connection for Databricks, request access to Segment's PrivateLink integration by taking the following steps: +1. Open your [Databricks storage destination](/docs/connections/storage/catalog/databricks/), [Databricks Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/databricks-setup/), or [Databricks Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/databricks-profiles-sync/). +2. Navigate to **Settings > Connection**. +3. Click the **Request PrivateLink** button and fill out the + + ### RDS Postgres @@ -56,6 +49,14 @@ To configure PrivateLink for Databricks, follow the instructions in Databricks' ### Redshift +#### Prerequisites +- **You're using the RA3 node type**:
Segment's PrivateLink integration requires you to use one of the following RA3 instances types: + - ra3.16xlarge + - ra3.4xlarge + - ra3.xlplus +- **You've enabled cluster relocation**: Cluster relocation migrates your cluster behind a proxy and keeps the cluster endpoint unchanged, even if your cluster needs to be migrated to a new Availability Zone duew to lack of resources. A consistent cluster endpoint makes it possible for Segment's Edge account and VPC to remain connected to your cluster. +- **Your warehouse is using port range 5431-5455 and 8191-8215**: + 1. [Reach out to Segment]() and let the engineering team know you're interested in configuring AWS PrivateLink for Redshift. Segment's engineering team will then share information with you about Segment’s Edge account and VPC. 2. After you receive information from Segment about the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. 3. Segment creates a Redshift managed VPC endpoint within a Redshift subnet on your behalf, which creates an internal PrivateLink Endpoint URL. Segment will provide you with this URL, which you need to configure your Warehouse in the Segment app. From e4a6164742237a746a6d6a955eb874ce47fee75e Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Thu, 13 Jun 2024 17:01:59 -0400 Subject: [PATCH 04/11] finish PrivateLink first round of docs --- .../storage/aws-privatelink-beta.md | 80 +++++++++++-------- 1 file changed, 45 insertions(+), 35 deletions(-) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index 526e7b03c8..c4d824eb78 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md 
@@ -8,55 +8,65 @@ hidden: true > info "" > Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. You might incur additional networking costs while using AWS PrivateLink. -## Getting started - You can set up AWS PrivateLink for [Databricks](#databricks), [RDS Postgres](#rds-postgres), and [Redshift](#redshift). -### Databricks +## Databricks > info "Segment recommends reviewing the Databricks documentation before attempting AWS PrivateLink setup" > The setup required to configure the Databricks PrivateLink integration requires front-end and back-end PrivateLink configuration. Review the [Databricks documentation on AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} to ensure you have everything required to set up this configuration before continuing. -#### Prerequisites - -Before you can configure AWS PrivateLink for Databricks: -- Your Databricks account must be on the [Enterprise pricing tier](https://www.databricks.com/product/pricing/platform-addons){:target="_blank”} and use the [E2 version](https://docs.databricks.com/en/archive/aws/end-of-life-legacy-workspaces.html#e2-architecture){:target="_blank”} of the platform. 
-- Your Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”} -- You must have the AWS permissions required to [set up a new Databricks workspace](https://docs.databricks.com/en/admin/workspace/create-workspace.html#before-you-begin){:target="_blank”} and [create a VPC](https://docs.aws.amazon.com/vpc/latest/privatelink/getting-started.html#create-vpc-subnets){:target="_blank”} -- You must have a technical parter in your organization to support the PrivateLink integration. -- - -> warning "Only warehouses in the `us-east-1` region support Segment's PrivateLink integration" -> Create a Databricks warehouse in a new region to use PrivateLink. +### Prerequisites +Before you can configure AWS PrivateLink for Databricks, complete the following prerequisites in your Databricks workspace: +- Databricks account must be on the [Enterprise pricing tier](https://www.databricks.com/product/pricing/platform-addons){:target="_blank”} and use the [E2 version](https://docs.databricks.com/en/archive/aws/end-of-life-legacy-workspaces.html#e2-architecture){:target="_blank”} of the platform. 
+- Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity.](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”} + - Configure your [VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} with DNS hostnames and DNS resolution + - Configure a [security group](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html#security-groups){:target="_blank”} with bidirectional access to 0.0.0/0 and ports 443, 3306, 6666, 2443, and 8443-8451. +- Must have the AWS permissions required to [set up a new Databricks workspace](https://docs.databricks.com/en/admin/workspace/create-workspace.html#before-you-begin){:target="_blank”} and [create a VPC.](https://docs.aws.amazon.com/vpc/latest/privatelink/getting-started.html#create-vpc-subnets){:target="_blank”} +- You must have a technical partner in your organization to support the PrivateLink integration. -### Getting started +> warning "" +> Only resources in the `us-east-1` region support Segment's PrivateLink integration. -To configure PrivateLink for Databricks, follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. You must create a [back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connection to integrate with Segment's front-end connection. +### Configure PrivateLink for Databricks +To configure PrivateLink for Databricks: +1. Follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. 
You must create a [back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connection to integrate with Segment's front-end connection. +2. After you've configured a back-end connection for Databricks, request access to Segment's PrivateLink integration by reaching out to your Customer Success Manager (CSM). +3. Your CSM shares information with you about Segment's AWS Principal. +4. Add Segment's AWS Principal as an Allowed Principal to use the -After you've configured a back-end connection for Databricks, request access to Segment's PrivateLink integration by taking the following steps: -1. Open your [Databricks storage destination](/docs/connections/storage/catalog/databricks/), [Databricks Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/databricks-setup/), or [Databricks Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/databricks-profiles-sync/). -2. Navigate to **Settings > Connection**. -3. Click the **Request PrivateLink** button and fill out the +## RDS Postgres - - -### RDS Postgres +> warning "" +> Only resources in the `us-east-1` region support Segment's PrivateLink integration. 1. Create a Network Load Balancer VPC endpoint service using the instructions in the [Create a service powered by AWS PrivateLink](https://docs.aws.amazon.com/vpc/latest/privatelink/create-endpoint-service.html){:target="_blank”} documentation. -2. [Reach out to Segment]() for more details about Segment's AWS principal. -3. Add the Segment AWS principal as an “Allowed Principal” to consume the service. -4. [Reach out to Segment]() and provide Segment's engineering team with the name of the service that you created above and the region that service is located in. Segment's engineering team provisions a VPC endpoint for the service in the Segment Edge VPC. 
After creating the VPC, Segment either provides you with private DNS so you can configure the feature in the Segment app or creates an RDS Postgres source or destination on your behalf already configured with the required connection settings. +2. Reach out to your Customer Success Manager (CSM) for more details about Segment's AWS principal. +3. Add the Segment AWS principal as an “Allowed Principal” to consume the Network Load Balancer VPC endpoint service you created in step 1. +4. Reach out to your CSM and provide them with the name of the service that you created above. Segment's engineering team provisions a VPC endpoint for the service in the Segment Edge VPC. +5. After creating the VPC, Segment either provides you with private DNS so you can configure the feature in the Segment app or creates an RDS Postgres integration in the Segment app on your behalf. This integration is already configured with the connection settings you need to power AWS PrivateLink.
The following RDS Postgres integrations support PrivateLink: + - [RDS Postgres storage destination](/docs/connections/storage/catalog/postgres/) + - [RDS Postgres Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/postgres-setup/) + - [RDS Postgres Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) + +## Redshift -### Redshift +> warning "" +> Only resources in the `us-east-1` region support Segment's PrivateLink integration. -#### Prerequisites -- **You're using the RA3 node type**:
Segment's PrivateLink integration requires you to use one of the following RA3 instances types: +### Prerequisites +- **You're using the RA3 node type**:
To access Segment's PrivateLink integration, use one of the following RA3 instance types: - ra3.16xlarge - ra3.4xlarge - ra3.xlplus -- **You've enabled cluster relocation**: Cluster relocation migrates your cluster behind a proxy and keeps the cluster endpoint unchanged, even if your cluster needs to be migrated to a new Availability Zone duew to lack of resources. A consistent cluster endpoint makes it possible for Segment's Edge account and VPC to remain connected to your cluster. -- **Your warehouse is using port range 5431-5455 and 8191-8215**: - -1. [Reach out to Segment]() and let the engineering team know you're interested in configuring AWS PrivateLink for Redshift. Segment's engineering team will then share information with you about Segment’s Edge account and VPC. -2. After you receive information from Segment about the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. -3. Segment creates a Redshift managed VPC endpoint within a Redshift subnet on your behalf, which creates an internal PrivateLink Endpoint URL. Segment will provide you with this URL, which you need to configure your Warehouse in the Segment app. +- **You've enabled cluster relocation**: Cluster relocation migrates your cluster behind a proxy and keeps the cluster endpoint unchanged, even if your cluster needs to be migrated to a new Availability Zone. A consistent cluster endpoint makes it possible for Segment's Edge account and VPC to remain connected to your cluster. To enable cluster relocation, follow the instructions in the AWS [Relocating your cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html){:target="_blank”} documentation. 
+- **Your warehouse is using port range 5431-5455 and 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. + +### Configure PrivateLink for Redshift +Implement Segment's PrivateLink integration by taking the following steps: +1. Let your Customer Success Manager (CSM) know that you're interested in PrivateLink. They will share information with you about Segment’s Edge account and VPC. +2. After you receive the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. +3. Segment creates a Redshift managed VPC endpoint within a Redshift subnet on your behalf, which creates an internal PrivateLink Endpoint URL. Segment then provides you with the internal PrivateLink Endpoint URL. +4. After Segment provides you with the URL, use it to update or create new Redshift integrations. The following integrations support PrivateLink: + - [Redshift storage destination](/docs/connections/storage/catalog/redshift/) + - [Redshift Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/redshift-setup/) + - [Redshift Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) From d597325727a53e6c740203a24625b7ad75736b81 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Thu, 13 Jun 2024 17:22:03 -0400 Subject: [PATCH 05/11] [netlify-build] --- src/connections/storage/aws-privatelink-beta.md | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) 
diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index c4d824eb78..3951d3ae53 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md @@ -21,8 +21,6 @@ Before you can configure AWS PrivateLink for Databricks, complete the following - Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity.](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”} - Configure your [VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} with DNS hostnames and DNS resolution - Configure a [security group](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html#security-groups){:target="_blank”} with bidirectional access to 0.0.0/0 and ports 443, 3306, 6666, 2443, and 8443-8451. -- Must have the AWS permissions required to [set up a new Databricks workspace](https://docs.databricks.com/en/admin/workspace/create-workspace.html#before-you-begin){:target="_blank”} and [create a VPC.](https://docs.aws.amazon.com/vpc/latest/privatelink/getting-started.html#create-vpc-subnets){:target="_blank”} -- You must have a technical partner in your organization to support the PrivateLink integration. > warning "" > Only resources in the `us-east-1` region support Segment's PrivateLink integration. 
@@ -31,8 +29,7 @@ Before you can configure AWS PrivateLink for Databricks, complete the following To configure PrivateLink for Databricks: 1. Follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. You must create a [back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connection to integrate with Segment's front-end connection. 2. After you've configured a back-end connection for Databricks, request access to Segment's PrivateLink integration by reaching out to your Customer Success Manager (CSM). -3. Your CSM shares information with you about Segment's AWS Principal. -4. Add Segment's AWS Principal as an Allowed Principal to use the +3. Your CSM sets up a call with Segment R&D to continue the onboarding process. ## RDS Postgres 
@@ -65,7 +62,7 @@ To configure PrivateLink for Databricks: Implement Segment's PrivateLink integration by taking the following steps: 1. Let your Customer Success Manager (CSM) know that you're interested in PrivateLink. They will share information with you about Segment’s Edge account and VPC. 2. After you receive the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. -3. Segment creates a Redshift managed VPC endpoint within a Redshift subnet on your behalf, which creates an internal PrivateLink Endpoint URL. Segment then provides you with the internal PrivateLink Endpoint URL. +3. Segment creates a Redshift managed VPC endpoint within the Segment Redshift subnet on your behalf, which creates a PrivateLink Endpoint URL. Segment then provides you with the internal PrivateLink Endpoint URL. 4. After Segment provides you with the URL, use it to update or create new Redshift integrations. The following integrations support PrivateLink: - [Redshift storage destination](/docs/connections/storage/catalog/redshift/) - [Redshift Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/redshift-setup/) From 33252c59294b8e4d387ad40e2ba6033ac8e02636 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Thu, 13 Jun 2024 17:22:49 -0400 Subject: [PATCH 06/11] fixing beta stage [netlify-build] --- src/connections/storage/aws-privatelink-beta.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index 3951d3ae53..36e2e0fd09 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md 
@@ -6,7 +6,7 @@ hidden: true [Amazon Web Services' PrivateLink](https://aws.amazon.com/privatelink/){:target="_blank”} is an AWS service that provides private connectivity between VPCs without exposing traffic to the public Internet. Keeping traffic in the Amazon network reduces the data security risk associated with exposing your Warehouse traffic to the Internet. > info "" -> Segment's PrivateLink integration is currently in public beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. You might incur additional networking costs while using AWS PrivateLink. +> Segment's PrivateLink integration is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. You might incur additional networking costs while using AWS PrivateLink. You can set up AWS PrivateLink for [Databricks](#databricks), [RDS Postgres](#rds-postgres), and [Redshift](#redshift). From f96bbcf0f199ebe0ac5ae63d67c3e20ebe64b2e7 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Mon, 17 Jun 2024 15:07:09 -0400 Subject: [PATCH 07/11] Update src/connections/storage/aws-privatelink-beta.md --- src/connections/storage/aws-privatelink-beta.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index 36e2e0fd09..a1bf18d6ce 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md 
@@ -56,7 +56,7 @@ To configure PrivateLink for Databricks: - ra3.4xlarge - ra3.xlplus - **You've enabled cluster relocation**: Cluster relocation migrates your cluster behind a proxy and keeps the cluster endpoint unchanged, even if your cluster needs to be migrated to a new Availability Zone. A consistent cluster endpoint makes it possible for Segment's Edge account and VPC to remain connected to your cluster. To enable cluster relocation, follow the instructions in the AWS [Relocating your cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html){:target="_blank”} documentation. -- **Your warehouse is using port range 5431-5455 and 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. +- **Your cluster is using a port within the ranges 5431-5455 or 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. ### Configure PrivateLink for Redshift Implement Segment's PrivateLink integration by taking the following steps: From 718ee6bb769295b5e558cd441eb10bdd9abc8080 Mon Sep 17 00:00:00 2001 
From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Mon, 17 Jun 2024 15:35:44 -0400 Subject: [PATCH 08/11] address eng comments [netlify-build] --- .../storage/aws-privatelink-beta.md | 39 +++++++++---------- 1 file changed, 19 insertions(+), 20 deletions(-) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index a1bf18d6ce..9023dfa219 100644 --- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md @@ -8,7 +8,7 @@ hidden: true > info "" > Segment's PrivateLink integration is currently in private beta and is governed by Segment’s [First Access and Beta Preview Terms](https://www.twilio.com/en-us/legal/tos){:target="_blank”}. Only warehouses located in region `us-east-1` are eligible for PrivateLink. You might incur additional networking costs while using AWS PrivateLink. -You can set up AWS PrivateLink for [Databricks](#databricks), [RDS Postgres](#rds-postgres), and [Redshift](#redshift). +During the Private Beta, you can set up AWS PrivateLink for [Databricks](#databricks), [RDS Postgres](#rds-postgres), and [Redshift](#redshift). ## Databricks 
@@ -22,48 +22,47 @@ Before you can configure AWS PrivateLink for Databricks, complete the following - Configure your [VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} with DNS hostnames and DNS resolution - Configure a [security group](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html#security-groups){:target="_blank”} with bidirectional access to 0.0.0/0 and ports 443, 3306, 6666, 2443, and 8443-8451. -> warning "" -> Only resources in the `us-east-1` region support Segment's PrivateLink integration. - ### Configure PrivateLink for Databricks To configure PrivateLink for Databricks: 1. Follow the instructions in Databricks' [Enable private connectivity using AWS PrivateLink](https://docs.databricks.com/en/security/network/classic/privatelink.html){:target="_blank”} documentation. You must create a [back-end](https://docs.databricks.com/en/security/network/classic/privatelink.html#private-connectivity-overview){:target="_blank”} connection to integrate with Segment's front-end connection. 2. After you've configured a back-end connection for Databricks, request access to Segment's PrivateLink integration by reaching out to your Customer Success Manager (CSM). 3. Your CSM sets up a call with Segment R&D to continue the onboarding process. +The following Databricks integrations support PrivateLink: + - [Databricks storage destination](/docs/connections/storage/catalog/databricks/) + - [Databricks Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/databricks-setup/) + ## RDS Postgres -> warning "" -> Only resources in the `us-east-1` region support Segment's PrivateLink integration. 
+### Prerequisites +Before you can configure AWS PrivateLink for RDS Postgres, complete the following prerequisites in your Databricks workspace: +- **Set up a Network Load Balancer (NLB) to route traffic to your Postgres database**: Segment recommends creating a NLB that has target group IP address synchronization, using a solution like AWS Lambda. +- **Configure your NLB with one of the following settings**: + - Disable the **Enforce inbound rules on PrivateLink traffic** setting + - Add an inbound rule that allows traffic belonging from Segment's `us-east-1` PrivateLink/Edge CIDR: `10.248.64.0/18` +### Configure PrivateLink for RDS Postgres 1. Create a Network Load Balancer VPC endpoint service using the instructions in the [Create a service powered by AWS PrivateLink](https://docs.aws.amazon.com/vpc/latest/privatelink/create-endpoint-service.html){:target="_blank”} documentation. 2. Reach out to your Customer Success Manager (CSM) for more details about Segment's AWS principal. 3. Add the Segment AWS principal as an “Allowed Principal” to consume the Network Load Balancer VPC endpoint service you created in step 1. -4. Reach out to your CSM and provide them with the name of the service that you created above. Segment's engineering team provisions a VPC endpoint for the service in the Segment Edge VPC. -5. After creating the VPC, Segment either provides you with private DNS so you can configure the feature in the Segment app or creates an RDS Postgres integration in the Segment app on your behalf. This integration is already configured with the connection settings you need to power AWS PrivateLink.
The following RDS Postgres integrations support PrivateLink: +4. Reach out to your CSM and provide them with the Service name for the service that you created above. Segment's engineering team provisions a VPC endpoint for the service in the Segment Edge VPC. +5. After creating the VPC, Segment provides you with private DNS so you can update the **Host** in your Segment app settings or create a new Redshift integration.
The following RDS Postgres integrations support PrivateLink: - [RDS Postgres storage destination](/docs/connections/storage/catalog/postgres/) - [RDS Postgres Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/postgres-setup/) - - [RDS Postgres Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) ## Redshift -> warning "" -> Only resources in the `us-east-1` region support Segment's PrivateLink integration. - ### Prerequisites -- **You're using the RA3 node type**:
To access Segment's PrivateLink integration, use one of the following RA3 instance types: - - ra3.16xlarge - - ra3.4xlarge - - ra3.xlplus +- **You're using the RA3 node type**: To access Segment's PrivateLink integration, use an RA3 instance. - **You've enabled cluster relocation**: Cluster relocation migrates your cluster behind a proxy and keeps the cluster endpoint unchanged, even if your cluster needs to be migrated to a new Availability Zone. A consistent cluster endpoint makes it possible for Segment's Edge account and VPC to remain connected to your cluster. To enable cluster relocation, follow the instructions in the AWS [Relocating your cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html){:target="_blank”} documentation. -- **Your cluster is using a port within the ranges 5431-5455 or 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. +- **Your warehouse is using port range 5431-5455 and 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. ### Configure PrivateLink for Redshift Implement Segment's PrivateLink integration by taking the following steps: 1. Let your Customer Success Manager (CSM) know that you're interested in PrivateLink. 
They will share information with you about Segment’s Edge account and VPC. 2. After you receive the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. -3. Segment creates a Redshift managed VPC endpoint within the Segment Redshift subnet on your behalf, which creates a PrivateLink Endpoint URL. Segment then provides you with the internal PrivateLink Endpoint URL. -4. After Segment provides you with the URL, use it to update or create new Redshift integrations. The following integrations support PrivateLink: +3. Reach back out to your CSM and provide them with the Cluster identifier for your cluster and your and AWS account ID. +4. Segment creates a Redshift managed VPC endpoint within the Segment Redshift subnet on your behalf, which creates a PrivateLink Endpoint URL. Segment then provides you with the internal PrivateLink Endpoint URL. +5. After Segment provides you with the URL, use it to update or create new Redshift integrations. The following integrations support PrivateLink: - [Redshift storage destination](/docs/connections/storage/catalog/redshift/) - [Redshift Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/redshift-setup/) - - [Redshift Profiles Sync destination](/docs/unify/profiles-sync/profiles-sync-setup/#step-1-select-a-warehouse) From cee8da5b3688fab918564bf9593d782228b0f1d1 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Mon, 17 Jun 2024 18:20:33 -0400 Subject: [PATCH 09/11] Apply suggestions from code review Co-authored-by: Annie Zhao --- src/connections/storage/aws-privatelink-beta.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/storage/aws-privatelink-beta.md index 9023dfa219..e8ee682400 100644 
--- a/src/connections/storage/aws-privatelink-beta.md +++ b/src/connections/storage/aws-privatelink-beta.md @@ -46,7 +46,7 @@ Before you can configure AWS PrivateLink for RDS Postgres, complete the followin 2. Reach out to your Customer Success Manager (CSM) for more details about Segment's AWS principal. 3. Add the Segment AWS principal as an “Allowed Principal” to consume the Network Load Balancer VPC endpoint service you created in step 1. 4. Reach out to your CSM and provide them with the Service name for the service that you created above. Segment's engineering team provisions a VPC endpoint for the service in the Segment Edge VPC. -5. After creating the VPC, Segment provides you with private DNS so you can update the **Host** in your Segment app settings or create a new Redshift integration.
The following RDS Postgres integrations support PrivateLink: +5. After creating the VPC, Segment provides you with private DNS so you can update the **Host** in your Segment app settings or create a new Postgres integration.
The following RDS Postgres integrations support PrivateLink: - [RDS Postgres storage destination](/docs/connections/storage/catalog/postgres/) - [RDS Postgres Reverse ETL source](/docs/connections/reverse-etl/reverse-etl-source-setup-guides/postgres-setup/) 
@@ -55,13 +55,13 @@ Before you can configure AWS PrivateLink for RDS Postgres, complete the followin ### Prerequisites - **You're using the RA3 node type**: To access Segment's PrivateLink integration, use an RA3 instance. - **You've enabled cluster relocation**: Cluster relocation migrates your cluster behind a proxy and keeps the cluster endpoint unchanged, even if your cluster needs to be migrated to a new Availability Zone. A consistent cluster endpoint makes it possible for Segment's Edge account and VPC to remain connected to your cluster. To enable cluster relocation, follow the instructions in the AWS [Relocating your cluster](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html){:target="_blank”} documentation. -- **Your warehouse is using port range 5431-5455 and 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. +- **Your cluster is using a port within the ranges 5431-5455 or 8191-8215**: Clusters with cluster relocation enabled [might encounter an error if updated to include a port outside of this range](https://docs.aws.amazon.com/redshift/latest/mgmt/managing-cluster-recovery.html#:~:text=You%20can%20change%20to%20another%20port%20from%20the%20port%20range%20of%205431%2D5455%20or%208191%2D8215.%20(Don%27t%20change%20to%20a%20port%20outside%20the%20ranges.%20It%20results%20in%20an%20error.)){:target="_blank”}. ### Configure PrivateLink for Redshift Implement Segment's PrivateLink integration by taking the following steps: 1. Let your Customer Success Manager (CSM) know that you're interested in PrivateLink. 
They will share information with you about Segment’s Edge account and VPC. 2. After you receive the Edge account and VPC, [grant cluster access to Segment's Edge account and VPC](https://docs.aws.amazon.com/redshift/latest/gsg/rs-gsg-connect-to-cluster.html){:target="_blank”}. -3. Reach back out to your CSM and provide them with the Cluster identifier for your cluster and your and AWS account ID. +3. Reach back out to your CSM and provide them with the Cluster identifier for your cluster and your AWS account ID. 4. Segment creates a Redshift managed VPC endpoint within the Segment Redshift subnet on your behalf, which creates a PrivateLink Endpoint URL. Segment then provides you with the internal PrivateLink Endpoint URL. 5. After Segment provides you with the URL, use it to update or create new Redshift integrations. The following integrations support PrivateLink: - [Redshift storage destination](/docs/connections/storage/catalog/redshift/) From 91aa6eae1f0ce5e093da2071fff53bad0c755f9e Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Mon, 17 Jun 2024 18:37:16 -0400 Subject: [PATCH 10/11] IA change --- .../{storage/aws-privatelink-beta.md => aws-privatelink.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename src/connections/{storage/aws-privatelink-beta.md => aws-privatelink.md} (100%) diff --git a/src/connections/storage/aws-privatelink-beta.md b/src/connections/aws-privatelink.md similarity index 100% rename from src/connections/storage/aws-privatelink-beta.md rename to src/connections/aws-privatelink.md From d041e593c10cb69091dce4b0505288ed036d5574 Mon Sep 17 00:00:00 2001 From: forstisabella <92472883+forstisabella@users.noreply.github.com> Date: Tue, 18 Jun 2024 11:12:34 -0400 Subject: [PATCH 11/11] Update src/connections/aws-privatelink.md Co-authored-by: pwseg <86626706+pwseg@users.noreply.github.com> --- src/connections/aws-privatelink.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/connections/aws-privatelink.md b/src/connections/aws-privatelink.md index e8ee682400..e7fd3dfdfb 100644 --- a/src/connections/aws-privatelink.md +++ b/src/connections/aws-privatelink.md @@ -18,7 +18,7 @@ During the Private Beta, you can set up AWS PrivateLink for [Databricks](#databr ### Prerequisites Before you can configure AWS PrivateLink for Databricks, complete the following prerequisites in your Databricks workspace: - Databricks account must be on the [Enterprise pricing tier](https://www.databricks.com/product/pricing/platform-addons){:target="_blank”} and use the [E2 version](https://docs.databricks.com/en/archive/aws/end-of-life-legacy-workspaces.html#e2-architecture){:target="_blank”} of the platform. -- Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity.](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”} +- Databricks workspace must use a [Customer-managed VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} and [Secure cluster connectivity](https://docs.databricks.com/en/security/network/classic/secure-cluster-connectivity.html){:target="_blank”}. - Configure your [VPC](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html){:target="_blank”} with DNS hostnames and DNS resolution - Configure a [security group](https://docs.databricks.com/en/security/network/classic/customer-managed-vpc.html#security-groups){:target="_blank”} with bidirectional access to 0.0.0/0 and ports 443, 3306, 6666, 2443, and 8443-8451.
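Review bot: In the `@@ -31,8 +29,7 @@` hunk, the new step 3 ("Your CSM sets up a call with Segment R&D to continue the onboarding process.") ends the Databricks procedure without saying what the reader should bring to that call or what marks the setup as finished. The removed steps at least named a concrete action (adding Segment's AWS Principal as an Allowed Principal). If that still happens during onboarding, say so here, and list the details from the back-end connection in step 1 that the customer should have ready.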
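Review bot: In the `@@ -65,7 +62,7 @@` hunk, step 3 now says the endpoint "creates a PrivateLink Endpoint URL" in its first sentence but "the internal PrivateLink Endpoint URL" in the second, so it reads as two different URLs. Use one term in both sentences. The phrase "within the Segment Redshift subnet" would also be clearer if it tied the subnet to the Segment Edge VPC that step 2 grants access to, so the reader can tell on which side of the account boundary the endpoint lives.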
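Review bot: In PATCH 06/11, the changed info line still closes its link attribute with a typographic quote (`{:target="_blank”}`), so the opening and closing quotes do not match; use a straight `"` on both sides while this line is being touched. The same applies to the context line above it. Also pick one capitalization for the beta stage: this line writes "private beta" while PATCH 08/11 adds "During the Private Beta".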
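Review bot: In PATCH 07/11, the reworded prerequisite heading names two ranges ("5431-5455 or 8191-8215"), but the sentence after it still says "a port outside of this range" and "updated to include a port". Bring the body in line with the heading, for example "might encounter an error if you change the cluster to a port outside of these ranges".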
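Review bot: In PATCH 08/11, the new RDS Postgres `### Prerequisites` intro says to complete the prerequisites "in your Databricks workspace", which is carried over from the Databricks section; the NLB work described below it happens in the customer's AWS account. In the same list, disabling **Enforce inbound rules on PrivateLink traffic** and adding an inbound rule for `10.248.64.0/18` are presented as equal choices, but the first stops the NLB's security group from filtering any PrivateLink traffic, so present the scoped inbound rule as the preferred option and the disable switch as the fallback. This hunk also reverts the port-range wording that PATCH 07/11 corrected (back to "port range 5431-5455 and 8191-8215"), and "traffic belonging from" should read "traffic from".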
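Review bot: In the first hunk of PATCH 09/11 (`@@ -46,7 +46,7 @@`), step 5 still begins "After creating the VPC", but step 4 says Segment provisions a VPC endpoint in the existing Segment Edge VPC, not a new VPC. Change it to "After creating the VPC endpoint" while this line is being edited. "private DNS" would also be clearer as "a private DNS name", since the reader is told to enter it as the **Host**.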
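Review bot: In the second hunk of PATCH 09/11 (`@@ -55,13 +55,13 @@`), step 3 capitalizes "Cluster identifier" mid-sentence, and the RDS Postgres step 4 does the same with "Service name", while **Host** is bolded. If these are console field labels, format all three the same way; otherwise lower-case them. The first prerequisite in this hunk also mixes "RA3 node type" in the bold label with "RA3 instance" in the sentence; use one term.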
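Review bot: In PATCH 11/11, the security-group bullet two lines below the changed line gives the CIDR as `0.0.0/0`, which is missing an octet; it should read `0.0.0.0/0`. "Bidirectional access" to that range is also broad enough that the bullet should state separately what is required inbound and what is required outbound, checked against the linked Databricks security-group requirements. With the period now moved outside the link on the changed bullet, the "Configure your VPC" bullet is the only one left without terminal punctuation.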