Additional troubleshooting info for AWS Private Link

docs/private-ddn/private-endpoints/aws.mdx

@@ -229,7 +229,7 @@ No, VPC Endpoint Services are only accessible from within AWS. To access from ou
 |-------|----------------|------------|
 | **Endpoint stuck in "Pending Acceptance" status** | - Connection request not accepted<br/>- AWS Console permissions issue<br/>- Endpoint Service requires acceptance | - Accept the endpoint connection in AWS Console under VPC > Endpoint Services<br/>- Verify you have permissions to accept connections |
 | **Validation errors** | - Incorrect Hasura IAM Role ARN<br/>- ARN not added to allowed principals<br/>- Incorrect service name | - Verify the ARN is correctly added to your endpoint service permissions<br/>- Check for typos in the service name |
-| **Cannot connect to endpoint** | - Security group restrictions<br/>- Route table configuration<br/>- DNS resolution issues | - Contact Hasura support for assistance |
+| **Cannot connect to endpoint** | - Security group restrictions<br/>- Route table configuration<br/>- DNS resolution issues | - If your database is behind a load balancer, ensure that the **Enforce inbound rules on PrivateLink traffic** option (found under the Load Balancer’s Security tab) is **disabled**.  If your setup requires this option to remain enabled, make sure that your security group explicitly allows inbound access from Hasura's VPC CIDR over the appropriate database port (e.g., PostgreSQL port 5432).  For further troubleshooting, contact Hasura support for assistance |
 | **Failed to create endpoint** | - Service quota limits<br/>- Network configuration issues | - Contact Hasura support for assistance |
 
 ### Before Contacting Support