Skip to main content

Connecting to Databases in Superblocks

Superblocks facilitates seamless integrations with popular databases so you team can easily access and build tools right on top of your company's data. By leveraging various authentication methods and network settings, you can centrally manage how developers connect to your data ensuring reliable access and secure access to data.

Connection method

When connecting to databases in Superblocks, you will typically have two options:

Connection form

This method lets you connect by filling out a simple form with your database credentials. This user-friendly interface is designed for ease of use, enabling you to connect to your database quickly without needing extensive technical knowledge.

Connection forms usually limit you to connecting via username/password authentication. If you need to need to connect using a more advanced authentication method provided by your database, you may want to explore using a connection string.

Connection string

Alternatively, you can connect using a connection string, which lets you enter an arbitrary connection URI. This method provides greater flexibility, letting you specify additional parameters, making it suitable for advanced configurations or custom setups.

The format required for the connection string and options available varies by database. The following databases support connection strings and have the following expected forms.

Database
String format
Docs
Amazon Redshiftredshift://[:username]:[:password]@[:host]:[:port]/[:database]Docs
Note: Exclude the jdbc prefix from the connection string
CockroachDBpostgres://<username>:<password>@<host>:<port>/<database>?<parameters>Docs
MariaDBmariadb://[<user>[:<password>]@]<host>[:<port>]/[<db>[?<opt1>=<value1>[&<optx>=<valuex>]]]Docs
Microsoft SQLServer=[:serverName],[:port];Database=[:database];User Id=[user];Password=[:password];Encrypt=[true/false]Docs
MongoDBmongodb+srv://<username>:<password>@<host>/?retryWrites=true&w=majorityDocs
MySQLmysql://[:username]:[:password]@[:host]:[:port]/[:database]Docs
PostgreSQLpostgres://[:user]:[:password]@[:host]:[:port]/[:database]Docs
Redisredis://[:password@]host[:port][/db-number]Docs

Networking

For Superblocks to connect to your database the Superblocks Agent will need network access. If you database is available on public subnets or allows any IP to connect, you should have no problems.

For security purposes, many databases are configured to limit who can connect to them. In this case, you'll need to configure you database to accept inbound traffic from the Superblocks Agent.

IP allowlist

To let Superblocks Cloud connect to your database, update your database's ingress allowlist to include the following:

  • NAT hostname: nat.superblocks.com
  • Current DNS: A Records
  • Last recorded IPs:
    107.22.228.244
    3.93.101.124
    34.209.17.50
    34.227.169.51
    35.155.119.178
    35.171.116.214
    35.86.18.137
    44.232.244.93
    54.148.33.216

In-network Agent

Alternatively, you can access in-network resources by deploying the Superblocks On-Premise Agent inside the same network as your database.

The On-Premise Agent will execute your APIs and connect directly to your databases, ensuring all your data is kept securely within your corporate firewall.

Network settings

SSL configuration

Superblocks supports the ability to establish connections using Secure Socket Layer (SSL), a protocol for creating authenticated and encrypted links between networked computers.

Configuring SSL

SSL can be configured using the Integration configuration form for supported integrations.

SSL Certificate Authentication From

  1. On the Integration configuration form for your DB, select Enable SSL
  2. Optionally, select Use a self-signed SSL certificate. If selected, provide the following:
    • Server CA: Database server's Certificate Authority (CA) certificate
    • Client key: Client's private key
    • Client cert: Client's public key certificate

SSH configuration

warning

SSH Tunneling is only available when using Superblocks Cloud

Sometimes databases can't be accessed directly and require SSH tunneling to access. SSH or Secure Shell is a network communication protocol that allows two computers to communicate and encrypts shared data, letting you connect to DBs on private subnets securely from Superblocks Cloud.

SSH authentication methods

Superblocks supports the following SSH Authentication methods:

  • Username/password
  • Private key authentication
  • Public key authentication (RSA or Ed25519)

Configuring SSH tunnels

SSH tunneling can be configured using the Integration configuration form for supported integrations.

SSH Tunneling Configuration Form

  1. Configure your SSH server to allow connections from Superblocks's IPs

  2. On the Integration configuration form for you DB, select Use SSH Tunnel

  3. Select an Authentication method

  4. Specify the following shared configuration values:

    • Bastion host: The name or IP address of the SSH server
    • Bastion port: The port number used for the SSH connection
    • Bastion username: The username required for SSH authentication
  5. Follow instructions based on the selected Authentication method

    Enter the following configuration values:

    • Password: The SSH account password for the Bastion user

Support by Integration

The following network settings are supported by each database integration.

Integration
SSL
SSL Certificate
SSH Tunneling
Amazon Redshift
CockroachDB
MariaDB
Microsoft SQL Server
MongoDB
MySQL
Postgres