PrivateLink lets you access resources in a virtual private cloud (VPC) from another VPC over secure and private networks. PrivateLink simplifies network architecture and mitigates security risks from the Internet. This topic explains how to access Simple Log Service using PrivateLink.
Background information
When accessing cloud services, you may encounter the following challenges:
Data security concerns: Public networks can expose sensitive information.
Address space conflicts: Default network segments used by cloud services may overlap with those in your data center.
Operations and management issues: Traditional private network access methods complicate independent audits of cloud service traffic.
To address these challenges, we recommend using PrivateLink, which offers several key benefits:
Enhanced data privacy: Enables private network access, reducing the risk of data exposure.
Optimized network architecture: Simplifies routing, avoids address conflicts, and improves management efficiency.
Enhanced access control: Supports source authentication for precise access management, along with VPC flow logs and traffic mirroring for monitoring and auditing access traffic.
Prerequisites
PrivateLink is available only to users on the whitelist. To use this feature, submit a ticket.
A VPC and vSwitch are created in the region where you want to create the PrivateLink endpoint. For more information, see Create and manage a VPC.
An Elastic Compute Service (ECS) instance is created in the VPC. For more information, see Purchase and use an ECS instance in the console.
Billing
No fees are charged to activate PrivateLink. After activation, you are billed hourly based on your actual usage, including instance and data transfer fees. For more information, see Billing of PrivateLink.
The service consumer and provider of PrivateLink can be different Alibaba Cloud accounts, and fees can be billed to either account. For more information, see Payer.
Procedure
Create an endpoint.
Log on to the VPC console.
In the left navigation bar, click Endpoints.
In the top menu bar, select a region that supports private access to Simple Log Service resources through endpoints.
On the Interface Endpoint tab, click Create Endpoint.
On the Create Endpoint page, configure the following parameters and retain the default values for other parameters.
Parameter: Description
Endpoint Name: Specify a name for the endpoint.
Endpoint Type: Select Interface Endpoint, which indicates that the service consumer accesses the service through an interface endpoint.
Endpoint Service: Click Alibaba Cloud Service, find com.aliyuncs.privatelink.${region_id}.log, and select it.
Note: ${region_id} represents the region ID of your Simple Log Service project. For example, the ${region_id} for China (Hangzhou) is cn-hangzhou. For more information, see Supported regions. You can associate an endpoint with only one endpoint service.
VPC: Select the VPC for which you want to create an endpoint.
Security Groups: Select the security group that you want to associate with the endpoint elastic network interface (ENI). A security group lets you manage communication to and from the endpoint ENI.
Zone and VSwitch: Select the zone of the endpoint service and a vSwitch in the zone. The system automatically creates an endpoint ENI in the vSwitch.
Click OK.
After the endpoint is created, note the generated endpoint domain name for accessing Simple Log Service later.

Access Simple Log Service using the endpoint domain name.
Access Simple Log Service through the SDK using the endpoint domain name.
import com.aliyun.openservices.log.Client;
import com.aliyun.openservices.log.exception.LogException;

public class CreateProject {
    public static void main(String[] args) throws LogException {
        // Obtain an AccessKey ID and an AccessKey secret from environment variables.
        String accessId = System.getenv("ALIBABA_CLOUD_ACCESS_KEY_ID");
        String accessKey = System.getenv("ALIBABA_CLOUD_ACCESS_KEY_SECRET");
        // Enter the Project name.
        String projectName = "ali-test-project";
        // Enter the endpoint domain name.
        String host = "https://cn-hangzhou-internal.log.aliyuncs.com";
        // Create a Simple Log Service client.
        Client client = new Client(host, accessId, accessKey);
        // Create a Project.
        try {
            String projectDescription = "project description";
            System.out.println("ready to create project");
            client.CreateProject(projectName, projectDescription);
            System.out.println(String.format("create project %s success", projectName));
        } catch (LogException e) {
            System.out.println("LogException e :" + e.toString());
            System.out.println("error code :" + e.GetErrorCode());
            System.out.println("error message :" + e.GetErrorMessage());
        }
    }
}
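A check to run from the ECS instance before pointing the SDK at the endpoint domain name, added here as an example and not part of the original documentation: it confirms that the name resolves only to addresses inside the vSwitch where the endpoint ENI was created. The function names, the hostname `endpoint-domain.example`, the CIDR block and the DNS answers in the demo are constructed placeholders; substitute the endpoint domain name and vSwitch CIDR from your own console.

```python
import ipaddress
import socket


def resolve(hostname):
    """Addresses the local resolver returns for hostname (run inside the VPC)."""
    infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    return {info[4][0] for info in infos}


def check_endpoint(hostname, vswitch_cidrs, resolver=resolve):
    """Return sorted (address, verdict) pairs for an endpoint domain name.

    ok          - inside a vSwitch CIDR where the endpoint ENI was created
    outside-vpc - not publicly routable, but not in an expected vSwitch
    public      - globally routable, so traffic would not stay on PrivateLink
    """
    networks = [ipaddress.ip_network(cidr) for cidr in vswitch_cidrs]
    results = []
    for addr in sorted(resolver(hostname)):
        ip = ipaddress.ip_address(addr)
        if any(ip in net for net in networks):
            verdict = "ok"
        elif ip.is_global:
            verdict = "public"
        else:
            verdict = "outside-vpc"
        results.append((addr, verdict))
    return results


def is_private_path(hostname, vswitch_cidrs, resolver=resolve):
    """True only if the name resolves and every address is in an expected vSwitch."""
    results = check_endpoint(hostname, vswitch_cidrs, resolver)
    return bool(results) and all(verdict == "ok" for _, verdict in results)


if __name__ == "__main__":
    # Constructed sample data: placeholder hostname, vSwitch CIDR and DNS answers.
    host = "endpoint-domain.example"
    cidrs = ["192.168.10.0/24"]
    fake_dns = lambda name: {"192.168.10.7", "1.2.3.4"}
    for address, verdict in check_endpoint(host, cidrs, fake_dns):
        print(address, verdict)
    print("private path:", is_private_path(host, cidrs, fake_dns))
```

Calling `is_private_path` without the `resolver` argument performs a real DNS lookup, so run it on a host inside the VPC that owns the endpoint.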