For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
      • AstroFully-managed data operations, powered by Apache Airflow.
      • Astro Private CloudRun Airflow-as-a-service in your environment.
      • Professional ServicesExpert Airflow services for your enterprise's success.
    • Tools
      • Cosmos
      • Orbiter
      • CLI
      • AI SDK
      • Agents
      • Blueprint
      • UpdatesThe State of Airflow 2026See the insights from over 5,800 data practitioners in the full report. Download Now ➔
  • Customers
  • Docs
    • Insights
      • Blog
      • Webinars
      • Resource Library
      • Events
    • Education
      • Academy
      • What is Airflow?
  • Pricing
Get Started Free
    • Overview
        • Connect to data services
          • AWS
            • Access a public AWS endpoint
          • Azure
          • GCP
      • Billing
    • Book Office Hours

Product

  • Platform Overview
  • Astro
  • Astro Observe
  • Astro Private Cloud
  • Security & Trust
  • Pricing

Tools & Services

  • Cosmos
  • Docs
  • Professional Services
  • Product Updates

Use Cases

  • AI Ops
  • Data Observability
  • ETL/ELT
  • ML Ops
  • Operational Analytics
  • All Use Cases

Industries

  • Financial Services
  • Gaming
  • Retail
  • Manufacturing
  • Healthcare
  • All Industries

Resources

  • Academy
  • eBooks & Guides
  • Blog
  • Webinars
  • Events
  • The Data Flowcast Podcast
  • All Resources

Airflow

  • What is Airflow
  • Airflow on Astro
  • Airflow 3.0
  • Airflow Upgrades
  • Airflow Use Cases
  • Airflow 2.x End of Life

Company

  • Our Story
  • Customers
  • Newsroom
  • Careers
  • Contact

Support

  • Knowledge Base
  • Status
  • Contact Support
GitHubYouTubeLinkedInx
  • Legal
  • Privacy
  • Terms of Service
  • Consent Preferences

  • Do Not Sell or Share My Personal information
  • Limit the Use Of My Sensitive Personal Information

Apache Airflow®, Airflow, and the Airflow logo are trademarks of the Apache Software Foundation. Copyright © Astronomer 2026. All rights reserved.

LogoLogo
On this page
  • Standard and dedicated cluster support for AWS networking
  • Private networking connections
  • See Also
AdministrationNetworkingConnect to data services

Create a network connection between Astro and AWS

Edit this page
Built with

You can grant Astro cluster and its Deployments access to your external AWS resources.

Publicly accessible endpoints allow you to quickly connect your Astro clusters or Deployments to AWS through an Airflow connection. If your cloud restricts IP addresses, you can add the external IPs of your Deployment or cluster to an AWS resource’s allowlist. See Connect to a public AWS endpoint

If you have stricter security requirements, you can create a private connection to AWS in a few different ways. See Private networking connections for more information.

After you create a connection from your cluster to AWS, you might also need to individually authorize Deployments to access specific resources. See Authorize your Deployment using workload identity.

Standard and dedicated cluster support for AWS networking

Standard clusters have different connection options than dedicated clusters.

Standard clusters can connect to AWS in the following ways:

  • Using static external IP addresses
  • Using PrivateLink to connect with the following endpoints:
    • Amazon S3 - Gateway Endpoint
    • Amazon Simple Queue Service (SQS) - Interface Endpoint - Amazon Elastic Container Registry (ECR) - Interface Endpoints for ECR API and Docker Registry API
    • Elastic Load Balancing (ELB) - Interface Endpoint
    • AWS Security Token Service (AWS STS) - Interface Endpoint

Private networking connections

Dedicated clusters can connect to AWS in the same ways as standard clusters. Additionally, they support a number of private connectivity options including:

  • VPC peering
  • Transit Gateways
  • AWS PrivateLink
  • VPN
  • Hostname resolution options

If you require a private connection between Astro and AWS, Astronomer recommends configuring a dedicated cluster. See Create a dedicated cluster. Transitive connectivity to on-premise networks is also possible through your managed VPCs. However, architectures with a demarcation point between Astro and your on-premise network are not supported.

See Also

  • Manage Airflow connections and variables
  • Authorize your Deployment using workload identity