LogoLogo
Python SDKSlack
  • Documentation
  • Cookbooks
  • Self-Hosting
  • Release Notes
  • Reference
  • API Reference
    • Overview
    • Python SDK
    • OpenTelemetry SDK
    • OpenInference SDK
    • Phoenix OSS
    • GraphQL API
      • Getting Started with GraphQL
      • How To Use GraphQL
        • Forming Calls
        • Using global node IDs
        • Querying Nested Data
        • Notebook Examples
        • Mutations
      • Admin API
      • Annotations API
      • Custom Metrics API
      • Dashboards API
      • File Importer API
      • Online Tasks API
      • Metrics API
      • Models API
      • Monitors API
      • Table Importer API
      • Resource Limitations
  • Export Data API
  • Prompt Hub API
  • Authentication & security
    • Arize Private Connect
    • API Keys
    • SSO & RBAC
      • Setting Up SSO with Okta
    • Compliance
      • Arize Audit Log
    • Whitelisting
Powered by GitBook

Support

  • Chat Us On Slack
  • support@arize.com

Get Started

  • Signup For Free
  • Book A Demo

Copyright © 2025 Arize AI, Inc

On this page
  • Architecture Overview
  • Benefits of Deploying Arize Private Connect

Was this helpful?

  1. Authentication & security

Arize Private Connect

Was this helpful?

Arize provides multiple deployment options including SaaS, Arize PrivateConnect (supporting AWS PrivateLink, Azure Private Link, and Google Cloud's Private Service Connect), and VPC deployments to ensure secure cloud connectivity. This document outlines why Arize PrivateConnect is the recommended solution for most customers, offering secure and seamless integration with existing cloud infrastructure while maintaining data privacy and operational agility.

Talk to our customer solutions team for more detailed setup instructions by reaching out to support@arize.com

Architecture Overview

When you set up Arize with PrivateConnect, your cloud storage account creates a VPC endpoint that connects directly to Arize's cloud environment. When your application sends AI/ML telemetry data to Arize, it flows through this private endpoint inside your cloud provider's network - never touching the public internet.

The data first goes to your secure virtual private cloud environment, then through the private service endpoint, and finally reaches Arize's compute resources. Everything stays within the cloud provider's private network backbone, ensuring secure and private data transmission between your infrastructure and Arize's platform. By having PrivateConnect, any API or UI related operation will also be driven by this PrivateConnect endpoint and user operations will not touch the public internet at all.

Here is a sample diagram for Arize PrivateConnect using AWS PrivateLink:

Example Architecture Setup for AWS

Benefits of Deploying Arize Private Connect

  • Ease of Setup and Faster Time-to-Value: Setting up Arize PrivateConnect is typically faster than a full VPC installation across all cloud providers. This quicker setup reduces time-to-value and lets customers start using the platform immediately.

  • Reduced Operational Complexity: With Arize PrivateConnect, customers don't have to manage complex networking or infrastructure updates within their virtual network. Instead, they can connect directly to the Arize platform without the need for extensive configurations, upgrades, or ongoing maintenance.

  • Data Security & Isolation: Arize PrivateConnect provides secure, private connections without exposing traffic to the internet, maintaining a high level of security similar to VPC deployments. The service is accessible from a customer's virtual network directly, keeping traffic isolated and secure within each cloud provider's network backbone.

  • Scalability & Flexibility: Arize PrivateConnect allows customers to easily connect to the Arize platform from any of their virtual networks within a single region or even across regions (with appropriate network peering). This flexibility can be especially beneficial as usage grows or if multi-region access is needed without reconfiguring or expanding a full VPC deployment.

  • Ongoing Compliance and Updates: By connecting through Arize PrivateConnect, customers can leverage the latest security updates, patches, and feature improvements of the Arize platform without requiring downtime or maintenance within their own virtual network due to Arize's CI/CD deployment practices.

  • Cost Efficiency: Arize PrivateConnect can significantly reduce costs compared to a full virtual network deployment. A VPC deployment requires additional infrastructure and ongoing maintenance, while Arize PrivateConnect uses managed network connections, cutting down infrastructure and operational expenses.

  • Simplified Access Control: Arize PrivateConnect integrates easily with each cloud provider's identity and access management services (AWS IAM, Azure AD, Google Cloud IAM), providing granular control over access to the platform without requiring complex configuration in addition to SSO.

Using Arize PrivateConnect provides a private, secure, and high-performance connection with all the advantages of using a managed SaaS platform without the added overhead of deploying and managing the entire software stack in their environment. This solution works seamlessly whether you're using AWS PrivateLink, Azure Private Link, or Google Cloud's Private Service Connect.