# Introducing DeltaStream Private Links Private links enable you to securely connect DeltaStream to a data store or schema registry in your private VPC without exposing your data to the public internet. Sensitive data never leaves your private network perimeter. You can securely access a storage platform, then query your data however you wish. There are separate setup instructions for each of 4 storage platforms: * [Confluent Cloud Kafka](/how-do-i.../creating-private-links/creating-an-aws-private-link-from-deltastream-to-your-confluent-kafka-dedicated-cluster.md) * [Enterprise Kafka Cluster and private schema registry](/how-do-i.../creating-private-links/enabling-private-link-connectivity-to-confluent-enterprise-cluster-and-schema-registry.md) * [AWS Managed Kafka (MSK)](/how-do-i.../creating-private-links/creating-a-private-link-from-deltastream-to-amazon-msk.md) * [PostgreSQL database hosted within AWS](/how-do-i.../creating-private-links/creating-a-private-link-for-rds-databases.md) In addition to more robust security, using private links support: * faster performance due to lower latency and higher bandwidth (since network traffic does not leave the AWS internal network) * regulatory compliance by effectively isolating sensitive data within a private network environment. This lowers the risk of a data breach; decreases the potential attack surface for malicious actors; and makes possible fine-grained access controls on private endpoints. * streamlined network management * lower network data transfer cost within AWS Private links are specific both to your DeltaStream organization and to your data store’s AWS region. Setup is important; the steps are exacting and involve using the DeltaStream command line interface (CLI) in tandem with your Confluent Cloud or AWS management console. In broad steps, you: 1. Create a test cluster (typical but not always necessary). 2. Use the DeltaStream CLI to build the SQL that instantiates the private link request from the DeltaStream platform. This involves providing details such as region, endpoint service name, resource ARNs, and DNS information, in your Confluent Cloud or AWS account console that you then copy and paste into the SQL you’re writing. 3. Establish connectivity between the two systems; when you establish an MSK or RDS PostgreSQL private link you must accept private link requests made by DeltaStream to your AWS account. Similarly, from within the Confluent Cloud dashboard you must also accept private link connections made to Confluent Cloud dedicated clusters. Here are the instructions for creating private links: * [Creating an AWS private link to Confluent Cloud Kafka](/how-do-i.../creating-private-links/creating-an-aws-private-link-from-deltastream-to-your-confluent-kafka-dedicated-cluster.md) * [Creating a private link to Confluent Cloud Enterprise](/how-do-i.../creating-private-links/enabling-private-link-connectivity-to-confluent-enterprise-cluster-and-schema-registry.md) * [Creating a private link to RDS Postgres](/how-do-i.../creating-private-links/creating-a-private-link-for-rds-databases.md) * [Creating a private link to AWS MSK](/how-do-i.../creating-private-links/creating-a-private-link-from-deltastream-to-amazon-msk.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.deltastream.io/how-do-i.../creating-private-links/introducing-deltastream-private-links.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.