Post image

We just shipped Neon Private Networking, a feature that lets you connect to your Neon database through AWS PrivateLink with zero exposure to the public internet. If your infra is in AWS, this feature makes it much easier to meet your security and compliance requirements while enjoying Neon’s developer experience. Private Networking is available in our Business and Enterprise plans. 

Securing Connectivity Between AWS and Neon 

If your infrastructure runs on AWS, you’re probably familiar with keeping services inside a VPC for security. Companies using Amazon RDS or Aurora typically deploy those databases in private subnets, ensuring that database traffic never leaves AWS’s internal network.

However, using a managed cloud database service outside your AWS account (like Neon) would mean your application had to connect over the public internet—and even with encryption, sending database queries over the internet can raise security flags. Compliance regulations might also demand guarantees that their data flows are contained within controlled networks, or internal policies might prohibit direct internet access for critical systems.

How Neon Private Networking works

Neon Private Networking solves this problem by integrating Neon with AWS PrivateLink to provide a secure, private endpoint for your database. Instead of connecting to Neon over the internet, your application connects to an endpoint within your AWS environment that bridges directly to Neon: 

  1. Neon provides an AWS PrivateLink endpoint service in the same AWS region as your database.
  2. You then create a VPC endpoint in your AWS VPC, and link it to Neon 
  3. Your application then routes all database queries through this private endpoint, where Neon’s isolated proxy forwards traffic securely to your database.

The entire setup is self-serve and easy to configure, and there’s no code changes required (your database connection string stays the same).

Post image

How to set it up 

Getting started with Neon Private Networking is straightforward. You’ll need to create a VPC endpoint in your AWS account and link it to Neon’s AWS PrivateLink service. Once set up, your application will automatically route database queries through the private connection—no code changes needed.

For step-by-step instructions, check out our Private Networking setup guide.

Wrap up

Neon’s Private Networking is available now for all customers on our Business and Enterprise plans. If you have questions, contact us, and we’ll be happy to help.

If you’re new to Neon, sign up today and see how easy it is to run Postgres with built-in security, scalability, and a developer-friendly experience.