Skip to main content
Build the future with Agentforce at TDX in San Francisco or on Salesforce+ on March 5–6. Register now.

Create an Inbound Connection

Learning Objectives

After completing this unit, you’ll be able to:

  • Create a PrivateLink connection in AWS between your customer VPC and the Salesforce transit VPC.
  • Create the inbound connection in Salesforce.

Create an Endpoint in AWS

Maria first creates a PrivateLink connection from the customer VPC to the Salesforce-managed transit VPC through a new AWS endpoint.

The AWS cloud with a PrivateLink connection pointing from the customer VPC to the Salesforce transit VPC.

An AWS endpoint requires an endpoint service name to connect to, in this case the Salesforce-managed transit VPC name. Fortunately, that’s really easy to find in the Private Connect Setup page in Salesforce! 

  1. From Setup, enter Private Connect in the Quick Find box, and then select Private Connect.
  2. Click AWS Regions to view the available regions, IAM Roles, and Service Names.
    NOTE: IAM refers to AWS Identity and Access Management. An IAM role is an IAM identity that you can create in your account that has specific permissions.
  3. Find the region in which your VPC is hosted and copy the corresponding Service Name. Maria copies the service name from the AWS region us-west-2; the service name is a string like com.amazonaws.vpce.us-west-2.vpce-svc-0517044fc3.

 

The Private Connect Setup page, with the list of AWS regions. The service name of each region is highlighted.

Maria now uses the AWS console to create an endpoint using the service name she retrieved for Ursa Major Solar’s VPC. She then makes a note (somewhere safe!) of the following information about the endpoint that she’ll use later.

  • VPC Endpoint ID: Used when creating the Salesforce inbound connection.
  • VPC ID: Used when configuring Amazon Route 53.
  • IP address/addresses from the subnet of the created endpoint: Used when configuring Amazon Route 53.

Voila! Maria successfully created a PrivateLink connecting the customer VPC to the Salesforce managed transit VPC.

Create an Inbound Connection in Salesforce

Maria is now all set to create an inbound connection using the VPC Endpoint ID of her newly created endpoint in AWS.

  1. From Setup, enter Private Connect in the Quick Find box, and then select Private Connect.
  2. Click Create Inbound Connection.
  3. Select the AWS PrivateLink Connection Type.
  4. Enter the Connection Name, the VPC Endpoint ID, and specify the region you are connecting to.
  5. Select No, I would like to provision my connection later.
    NOTE: An unprovisioned inbound connection means the private connection between your Salesforce org and VPC environment is not yet established. You can have as many unprovisioned connections as needed. A connection counts toward your license only when it’s provisioned. Unprovisioned connections are also packageable.
  6. Click Save.

The Salesforce Setup page showing an unprovisioned inbound connection.

OK, so you’ve created a connection, now what? Read on to learn how to use it.

Share your Trailhead feedback over on Salesforce Help.

We'd love to hear about your experience with Trailhead - you can now access the new feedback form anytime from the Salesforce Help site.

Learn More Continue to Share Feedback