<aside> 💡
If your database is not connected to the global internet, you can integrate by connecting Vect to a Bastion instance with SSH tunneling, see How to set up SSH Tunneling with Bastion
</aside>
Screen Recording 2025-05-25 at 15.56.35.mov
A Bastion instance that is on the same VPC as your database (or otherwise has access to it via network calls)
That Bastion instance should have Ingress/Egress rules that whitelist Vect’s IPs:
<aside>
💛 If needed, whitelist all of Vect’s Integration service static IPs 35.188.205.109, 34.46.85.107, 35.227.217.132, 34.144.199.222.
</aside>
To setup an SSH account for Vect on the Bastion, run the following snippet inside the EC2 Bastion:
VECT_PUBLIC_KEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAILBMyJ/hp8UWHNp1wMDoNt3rLyJI9kyEcwrmnQC/fU5E [email protected]"
# We don't actually use the user password, since we connect via ssh
USER_PASSWORD=password
# Add a vect user
sudo adduser vect --password $USER_PASSWORD
# Ensure the authorized_keys file exists
sudo mkdir -p /home/vect/.ssh
sudo touch /home/vect/.ssh/authorized_keys
# Add Vect's public key to the file
sudo bash -c "echo $VECT_PUBLIC_KEY > /home/vect/.ssh/authorized_keys"
# Change keys file owner to vect user
sudo chmod 644 /home/vect/.ssh/authorized_keys
sudo chown vect:vect /home/vect/.ssh/authorized_keys
<aside> 📨
Once you’re done, you can fill the Bastion host address in the Vect form and continue your integration ✨
</aside>