Connecting to Databases in Superblocks

Superblocks facilitates seamless integrations with popular databases so you team can easily access and build tools right on top of your company's data. By leveraging various authentication methods and network settings, you can centrally manage how developers connect to your data ensuring reliable access and secure access to data.

Connection method

When connecting to databases in Superblocks, you will typically have two options:

Connection form

This method lets you connect by filling out a simple form with your database credentials. This user-friendly interface is designed for ease of use, enabling you to connect to your database quickly without needing extensive technical knowledge.

Connection forms usually limit you to connecting via username/password authentication. If you need to need to connect using a more advanced authentication method provided by your database, you may want to explore using a connection string.

Connection string

Alternatively, you can connect using a connection string, which lets you enter an arbitrary connection URI. This method provides greater flexibility, letting you specify additional parameters, making it suitable for advanced configurations or custom setups.

The format required for the connection string and options available varies by database. The following databases support connection strings and have the following expected forms.

Database	String format	Docs
Amazon Redshift	redshift://[:username]:[:password]@[:host]:[:port]/[:database]	Docs Note: Exclude the jdbc prefix from the connection string
CockroachDB	postgres://<username>:<password>@<host>:<port>/<database>?<parameters>	Docs
MariaDB	mariadb://[<user>[:<password>]@]<host>[:<port>]/[<db>[?<opt1>=<value1>[&<optx>=<valuex>]]]	Docs
Microsoft SQL	Server=[:serverName],[:port];Database=[:database];User Id=[user];Password=[:password];Encrypt=[true/false]	Docs
MongoDB	mongodb+srv://<username>:<password>@<host>/?retryWrites=true&w=majority	Docs
MySQL	mysql://[:username]:[:password]@[:host]:[:port]/[:database]	Docs
PostgreSQL	postgres://[:user]:[:password]@[:host]:[:port]/[:database]	Docs
Redis	redis://[:password@]host[:port][/db-number]	Docs

Networking

For Superblocks to connect to your database the Superblocks Agent will need network access. If you database is available on public subnets or allows any IP to connect, you should have no problems.

For security purposes, many databases are configured to limit who can connect to them. In this case, you'll need to configure you database to accept inbound traffic from the Superblocks Agent.

IP allowlist

To let Superblocks Cloud connect to your database, update your database's ingress allowlist to include the following:

US Region

• NAT hostname: nat.superblocks.com
• Current DNS: A Records
• Last recorded IPs:

  107.22.228.244
  3.93.101.124
  34.209.17.50
  34.227.169.51
  35.155.119.178
  35.171.116.214
  35.86.18.137
  44.232.244.93
  54.148.33.216

EU Region

• NAT hostname: nat.eu.superblocks.com
• Current DNS: A Records
• Last recorded IPs:

  52.17.136.219
  99.81.159.1
  54.220.65.107
  13.50.50.66
  13.50.81.30
  13.51.231.18

In-network Agent

Alternatively, you can access in-network resources by deploying the Superblocks On-Premise Agent inside the same network as your database.

The On-Premise Agent will execute your APIs and connect directly to your databases, ensuring all your data is kept securely within your corporate firewall.

Network settings

SSL configuration

Superblocks supports the ability to establish connections using Secure Socket Layer (SSL), a protocol for creating authenticated and encrypted links between networked computers.

Configuring SSL

SSL can be configured using the Integration configuration form for supported integrations.

1. On the Integration configuration form for your DB, select Enable SSL
2. Optionally, select Use a self-signed SSL certificate. If selected, provide the following:
   • Server CA: Database server's Certificate Authority (CA) certificate
   • Client key: Client's private key
   • Client cert: Client's public key certificate

SSH configuration

warning

SSH Tunneling is only available when using Superblocks Cloud

Sometimes databases can't be accessed directly and require SSH tunneling to access. SSH or Secure Shell is a network communication protocol that allows two computers to communicate and encrypts shared data, letting you connect to DBs on private subnets securely from Superblocks Cloud.

SSH authentication methods

Superblocks supports the following SSH Authentication methods:

• Username/password
• Private key authentication
• Public key authentication (RSA or Ed25519)

Configuring SSH tunnels

SSH tunneling can be configured using the Integration configuration form for supported integrations.

1. Configure your SSH server to allow connections from Superblocks's IPs

2. On the Integration configuration form for you DB, select Use SSH Tunnel

3. Select an Authentication method

4. Specify the following shared configuration values:

   • Bastion host: The name or IP address of the SSH server
   • Bastion port: The port number used for the SSH connection
   • Bastion username: The username required for SSH authentication

5. Follow instructions based on the selected Authentication method

   Password

   Enter the following configuration values:

   • Password: The SSH account password for the Bastion user

   Private key

   Enter the following configuration values:

   • Public key: The public key of your SSH server's public/private key pair
   • Private key: The private key of your SSH server's public/private key

   Public key (RSA or Ed25519)

   Copy the Superblocks provided Public key to your SSH server's ~/.ssh/authorized_keys file

Support by Integration

The following network settings are supported by each database integration.

Integration	SSL	SSL Certificate	SSH Tunneling
Amazon Redshift
CockroachDB
MariaDB
Microsoft SQL Server
MongoDB
MySQL
Postgres