Q: I have a user or application that needs to access a data repository protected by Cyral. What host name and port number do they use?
A: Any user or application that needs to access the database must use the sidecar load balancer address as the host. For the port number, use the port number that was assigned when your Cyral administrator assigned a sidecar to the repository. To find the host and port number, see "Finding the sidecar host and port number for a repository," below.
Finding the sidecar host and port number for a repository
To find the host and port where you or your application will connect to the data repository, do this:
- In the Cyral management console, click Access and find your repository in the list.
- Click the Connect button.
- Find the sidecar you wish to use. Connection details are shown for each sidecar that offers access to this repository. Use the copy button to copy the details to your clipboard.
Finding all sidecar details for a repository
To find the user connection details for a repository as well as full details about the sidecars through which they'll connect, do this:
- In the Cyral management console, click Repositories and find your repository in the list. Note the name of the sidecar through which you'll connect. (There may be more than one sidecar for the repository.)
- Click Sidecars in the menu on the left. Find the sidecar whose name you just noted. Use search if needed. Click the sidecar's name.
- In the Sidecar Details: Repositories list, find the repository you wish to connect to. Its host and port are shown in the Sidecar Endpoint column. Use these values to connect your application or query client to the repository. In the Instances tab and in the main Repositories tab, you can see health and location details for the sidecar.
Suppose you have a PostgreSQL repository that is hosted at mypg-database.us-east-1.rds.aws.com:5432 and a sidecar running at mysidecar.us-east-1.aws.com. When you attach this PostgreSQL repository to the sidecar in the Cyral control plane you can opt to expose a different port to the user (let's consider 5434). Thus, you must connect your application using the host mysidecar.us-east-1.aws.com and port 5434. The sidecar is responsible for redirecting your requests on this address to the actual database that is running on mypg-database.us-east-1.rds.aws.com on port 5432.