Back to App

Connect via SSH

Data Security at Airbook

At Airbook, we understand the importance of data security. Our servers employ default encryption to safeguard your data. We store sensitive information, like database credentials and SQL query outputs, using the robust Google Cloud Platform’s (GCP) Secret Key Manager, ensuring stringent access control. Moreover, our API interactions are fortified with HTTPS protocol, guaranteeing encryption of data in transit and protection against unauthorized access.

Enhancing Your Data Privacy

While we provide a secure environment, there are additional steps you can take to further boost your data privacy:

Creating a Dedicated User Account in your Database

For more granular control, consider setting up a dedicated Airbook user account in your Database environment. This allows you to:

  • Assign specific access rights to Airbook, refining its database interactions.

  • Establish limited database views accessible by the Airbook user.

  • Utilize audit logging for detailed monitoring of all Airbook-executed queries.

How to Connect Your Database to Airbook

If you opt for the dedicated user account approach, you’ll need to configure an SSH Tunnel to enable Airbook to query your Database. This involves a one-time setup of a Virtual Machine (VM) within your Virtual Private Cloud (VPC) and installing the AlloyDB Auth Proxy on this VM, often referred to as a "bastion." This bastion should be configured with a port (typically port 22 for SSH) that is accessible to Airbook.

Step-by-Step Guide to Connect AlloyDB to Airbook

  1. Create a Bastion VM in GCP: Set up a Virtual Machine to act as your bastion within the Google Cloud Platform.

  2. Install Database Auth Proxy: Configure the AlloyDB authentication proxy on the bastion VM.

  3. Generate SSH Keypair: Airbook will generate an SSH keypair for your workspace. You can find the public key on your integrations page and should copy it for later use.

  4. Set Up Service Account and User on Bastion: Create a service account for Airbook within GCP and a new user on the bastion linked to this service account. Log in as this user and add the copied public key as an authorized SSH key.

  5. Configure your Database in Airbook:

    • In the SSH section, input the host and port details of your VM, and the user name under which you added the SSH key.

    • In the Database section, enter the host and port of the AlloyDB Auth Proxy and the name of your AlloyDB database. Defaults are usually 127.0.0.1 and 5432.

    • Finally, provide the Username and Password of the AlloyDB user you’ve created for Airbook.

Last updated