Hi,
Agent proxy egress policies are a welcomed addition. Thanks for building it.
Currently it seems to be limited to DNS names. Is it planned to allow us to create policies for IPs or CIDR Ranges as well?
One more question: Is it now possible to create virtual tables on top of any JDBC Source with Agent Proxy Egress Policy?
Thank you,
Nicolas
Yes, support for IP and CIDR agent proxy egress policies are actively being developed!
Is it now possible to create virtual tables on top of any JDBC Source with Agent Proxy Egress Policy?
To clarify, do you mean the custom JDBC source type? Virtual tables can be backed by a source with agent proxy egress policies for the supported sources.
Nice username @null 
I am referring to sources like Postgres, oracle or the generic jdbc source that connect to on premise databases.
Virtual tables do not support postgres, oracle or generic jdbc, virtual tables are only supported on these source types.
Whenever virtual table support is added for other source types, agent proxy egress policy will also be supported similar to the currently supported source types.
Hi @null ,
could you add a frontend filter option to filter for the Source “runtime”?
That would allow us to quickly identify Source that use the legacy agent proxy mode to migrate them. For context, we have 2700 Sources on the stack.
Appreciated!
Great question. We’ve had an open ticket for about a year to enhance the filter options — specifically to include filtering by space, organization, and exports. This would also be useful.
One more feedback/question. @null
How can we edit the assigned Agents after an Agent Proxy Egress Policy has been created?
We have now added only one agent and for production we want to assign at least 2 agents in different Availability Zones. There seems to be no option in the UI to edit the assigned Agents?
Is the only workaround to create a new Agent Proxy Egress Policy?
Yeah, today a new agent proxy egress policy is needed.
We have plans to have an “agent pool” concept where you can swap the agents from the pool without needing a new policy, but for now a new policy is needed. Thanks for the signal here.
@null I am trying to connect foundry to a MySQL database that is in a VPS. I am trying to use Foundry Worker + Agent. The agent is already working on the host, and I can see the machine metrics. However, I am stuck on the part that requires setting the Agent Proxy Egress Policy. What DNS and Port should I use? Should I use the MySQL Port and some DNS from within the host in order to allow a connection between the agent and the database? Or should the DNS be the public website name (e.g. abc.com) and the port 443 (for https) to allow a connection between foundry and the host?
I am not very acquainted with network engineering, so I really appreciate your help!
