Enabling secure tunnel

For watsonx Orchestrate on AWS, a Secure Tunnel provides endpoint-to-endpoint connections across a network without opening firewall rules in an enterprise network. It allows access between different networks through TCP over HTTPS technology. The traffic through these connections is encrypted with HTTPS.

The secure tunnel configuration is made with the help of the IBM Support. For more information about how to contact the IBM Support and open a case, see Getting help and support.

Open a support case to modify your tenant configurations for a tunnel connection and application mapping. Include the following information in the case:

• Hostname: The hostname or IP address for the API in your private network, for example, "https://my-env-dev.nonprod.example.com".
• Platform: The platform that your host is running, for example, "virtual machine (VM)".
• watsonx Orchestrate crn details: To know the crn ID, click your profile and then About. Send the screenshot of the About page.

After your case is processed, you receive an installer with instructions to install on your environment to complete the secure tunnel configuration.

Then, you are ready to use private skills that use this secure tunnel. To configure a private skill, your developers needs to set the x-ibm-skill-subtype property to private in the skill OAS file. For more information, see Configuring OpenAPI specification subtype.