Skip to main content
Connic
Back to BlogProduct Spotlight

Connic Bridge: AI Agents for Private Infrastructure

Connic Bridge creates a secure outbound tunnel so your AI agents can reach private Kafka, databases, and internal services without opening inbound ports.

February 19, 20267 min read

Your Kafka cluster sits in a private VPC. Your Postgres database is locked behind a corporate firewall. Your internal APIs are only reachable via private DNS. None of these services are accessible from the public internet, and for good reason.

Now you want AI agents to react to events in these systems: process Kafka messages, listen for database changes, call internal services. How do you bridge a cloud-hosted agent platform and infrastructure that was designed to be unreachable?

The Problem With Traditional Approaches

Teams typically reach for one of a few options when connecting cloud services to private infrastructure. Each has real downsides:

VPN / VPC Peering
Complex to set up, expensive to maintain, and creates a broad network-level connection. A single misconfiguration can expose your entire private network. Every vendor that needs access adds another peering relationship to manage.
IP Allowlisting
Requires exposing services on public IPs. IP ranges change. Cloud platforms use shared egress IPs. You end up maintaining fragile allowlists that break without warning and widen your attack surface.
Expose Services Publicly
The fastest option, and the most dangerous. Putting your Kafka cluster or database on the public internet, even with authentication, dramatically increases your attack surface. Security teams will (rightfully) block this.

What you actually need: a way for cloud agents to reach your private services without making those services reachable from the internet. That's what Connic Bridge does.

Connect agents to private systems without opening ports

Bring the Kafka cluster, Postgres database, internal API, or MCP server your agent needs. Sales can show how Bridge routes access outbound-only with allowed hosts, approvals, and traces.

Discuss Bridge access

How Connic Bridge Works

The Connic Bridge is a lightweight agent that runs inside your private network. It makes a single outbound WebSocket connection to the Connic relay, and that's it. No inbound ports, no VPN, no public exposure.

When a Connic connector needs to reach a service in your network, the relay forwards the request through the established tunnel to the bridge. The bridge then opens a local TCP connection to the target service on your behalf.

Bridge Agent
A Docker container you deploy inside your VPC. Makes outbound-only connections. Controls which services are reachable via an allowed hosts list.
Bridge Relay
Managed by Connic. Accepts bridge connections, allocates tunnel endpoints, and routes connector traffic to the correct bridge.
TLS Tunnel
All traffic between the bridge and relay is encrypted via WSS (WebSocket over TLS). Traffic flows bidirectionally through the tunnel.

Setup in Three Steps

Getting Bridge running takes about five minutes. No networking to configure, no certificates to manage, no firewall rules to change.

Step 1: Generate a Bridge Token

Navigate to Project Settings > Bridge in the Connic dashboard and click Set Up Bridge. Copy the token that appears. It starts with cbr_ and is only shown once.

The Connic dashboard Bridge panel showing a freshly generated cbr_ token and a ready-to-run docker run command for the bridge agent.
Project Settings → Bridge reveals the token once, alongside a copy-paste Docker command preloaded with it.

Step 2: Deploy the Bridge Agent

Run the bridge inside your private network. It needs outbound internet access (to connect to the relay) and local network access (to reach your services).

Docker
$ docker run -d --name connic-bridge \
  -e BRIDGE_TOKEN=cbr_your_token_here \
  -e ALLOWED_HOSTS=kafka:9092,postgres:5432 \
  connicorg/bridge:latest

The ALLOWED_HOSTS variable is a comma-separated list of host:port pairs the bridge is allowed to connect to. Any request targeting a host outside this list is rejected, which gives you explicit control over what your bridge can reach.

Prefer Docker Compose? That works too:

docker-compose.yml
services:
  connic-bridge:
    image: connicorg/bridge:latest
    restart: always
    environment:
      BRIDGE_TOKEN: cbr_your_token_here
      ALLOWED_HOSTS: kafka:9092,postgres:5432,my-db:5432

Step 3: Enable Bridge on Your Connectors

When creating or editing a connector, open the Network Access section and choose your bridge from the Bridge dropdown. Connic then routes that connector's traffic through the bridge tunnel instead of connecting directly. New to the connector layer? Read what pre-built connectors handle for you before adding Bridge.

A connector's Network Access section with the Bridge dropdown set to a bridge named Production VPC, routing the connector through the private network.
Each Bridge-capable connector picks a bridge in its Network Access section; leave it unset to connect directly.

Bridge access is supported on:

Apache Kafka (inbound + outbound)
AWS SQS (inbound + outbound)
PostgreSQL (LISTEN/NOTIFY)
Email / IMAP / SMTP
AWS S3 (file downloads)
HTTP Webhook (outbound)

Security by Design

The bridge was designed with a zero-trust mindset. Every layer limits what's possible:

Outbound Only
The bridge initiates all connections. Your firewall rules stay unchanged. Nothing in your network needs to accept inbound traffic from the internet.
Explicit Allowlist
The bridge can only connect to hosts you have explicitly listed. Even if the tunnel were compromised, it cannot reach services outside your allowlist.
Project-Scoped Tokens
Each bridge token is tied to a single Connic project. Tokens can be rotated at any time from the dashboard. Revoking a token immediately disconnects the bridge.
End-to-End TLS
All communication between the bridge and the relay is encrypted via WebSocket over TLS. Traffic is never exposed in plaintext, even in transit.

Real-World Use Cases

A few patterns we see teams building with Bridge:

Event-Driven AI on Private Kafka
A fintech company runs Kafka inside a private VPC on AWS. They use Bridge to connect a Kafka inbound connector to their transaction topic. Every new transaction triggers an AI agent that performs fraud analysis in real-time, then publishes results back to an output topic via an outbound Kafka connector, also routed through Bridge.
Database Change Detection
An operations team uses PostgreSQL LISTEN/NOTIFY on an on-premises database to detect new support tickets. The Bridge routes the Postgres connector to the internal database. When a new ticket lands, an AI agent classifies it, drafts a response, and routes it to the appropriate team, all without the database ever being exposed publicly.
Internal Email Processing
A logistics company runs an on-premises mail server behind their corporate firewall. Bridge connects the Email connector to the internal IMAP server. An AI agent monitors a shared inbox, extracts shipment details from emails and attachments, and updates their internal tracking system via an outbound HTTP webhook, also routed through Bridge.

Bridge vs. Alternatives

Connic BridgeVPN / PeeringIP Allowlist
Setup time5 minutesHours to daysMinutes (fragile)
Inbound ports requiredNoneMultiplePer service
Blast radiusExplicit host:port listEntire VPC / subnetPer IP range
Firewall changesNoneYesYes
Ongoing maintenanceNear zeroHighModerate (IP churn)

Monitoring Your Bridge

Once deployed, you can check bridge status at any time in Project Settings > Bridge. The dashboard shows whether the bridge is connected and when it last connected, with controls to regenerate or revoke the token.

Tip: Token Rotation
Rotate your bridge token periodically as a security best practice. Click Regenerate Token in the dashboard, then update the BRIDGE_TOKEN environment variable in your bridge deployment. The old token is revoked immediately.

Getting Started

If your infrastructure is private, Bridge is the simplest way to connect it to your AI agents:

  • 1.Open your project in the Connic dashboard and go to Settings > Bridge
  • 2.Generate a token and deploy the bridge container in your network
  • 3.Enable Connect via Bridge on any connector that targets a private service
  • 4.Your agents can now consume events from and deliver results to private infrastructure

For the full configuration reference and troubleshooting guide, check the Bridge documentation. If you're new to Connic, start with the quickstart guide to deploy your first agent, then come back here to connect it to your private infrastructure.

More from the Blog

Product Spotlight

Connic Tests: Catch Agent Regressions Before They Reach Production

A YAML-driven testing framework built for non-deterministic AI agents. Statistical pass thresholds, expression-based assertions, tool-call checks, tool mocking, multimodal fixtures, and a deployment gate that blocks broken builds.

May 6, 20268 min read
Product Spotlight

Human-in-the-Loop AI Agents: How Approvals Work in Production

How to pause an AI agent before refunds, deletes, or external calls, route the decision to a human, and resume automatically, with a full audit trail.

April 5, 202610 min read
Tutorial

Automated Agent Scoring: AI Agent Evaluation with LLM Judges

Automated agent scoring uses an LLM judge to grade every agent run against criteria you define. Set up AI agent evaluation that tracks quality trends and alerts on regressions.

March 29, 202610 min read
Product Spotlight

A/B Testing for AI Agents: Ship Better Prompts with Confidence

You changed the prompt. It feels better. But is it actually better? Learn how to run controlled experiments on your AI agents and let real traffic decide.

March 27, 20269 min read
Product Spotlight

Secure AI Agents: A Production Safety Checklist

Shipping AI agents without a security strategy is a liability. A practical checklist covering prompt injection, PII handling, output validation, and the guardrails you need before go-live.

March 21, 202612 min read
Product Spotlight

Agent Guardrails: Real-Time Safety for Your AI Agents

Connic Guardrails intercept agent inputs and outputs in real time to block prompt injection, redact PII, and enforce topic restrictions.

March 3, 20269 min read
Changelog

What We Shipped in January 2026

Custom observability dashboards with drag-and-drop widgets, model pricing for cost tracking, refreshed connector and runs UI, and llms.txt support.

February 10, 20265 min read
Product Spotlight

Agent Observability: Track Costs, Tokens & Runs

Deploying AI agents without visibility is flying blind. Build custom dashboards, track LLM costs per model, and catch failures before users do.

January 23, 20268 min read
Product Spotlight

Composer SDK: Better Agent Development Tooling

No more manual uploads or YAML guessing. The Composer SDK adds scaffolding, validation, hot-reload testing, and CLI deployments.

December 27, 20255 min read