VPC Endpoints for Elastic Disaster Recovery (EDR) Staging

Question

Is it possible to setup a staging subnet using VPC endpoints with no internet gateway, if so, how? I've added an endpoint for drs, ec2, and s3 (gateway) but replication initiation always fails at "Authenticate with service"

I've added an ec2 instance on the same subnet and it resolves drs.us-east-1.amazonaws.com to the endpoint IP address. VPC Flow Logs didn't lead me anywhere other than noticing that the private IP for the endpoint isn't showing in the logs at all and plenty of AWS owned public IPs are.

I'm not sure how to troubleshoot this any further.

Answer

Hello CSummers! I'm not sure if you've received an answer to your question yet, but I wanted to post an answer here.  The short answer to your question is: YES! :) If you're using Amazon VPC to host your AWS resources, you can establish a private connection between your Amazon VPC and AWS Elastic Disaster Recovery.  The way you would do this is by leveraging AWS PrivateLink [https://aws.amazon.com/privatelink/]() AWS PrivateLink is an AWS technology that facilitates private communication between AWS services using an elastic network interface with private IP addresses.  You can use this connection to allow AWS Elastic Disaster Recovery to communicate with your resources on your VPC **without** going through the public internet, which means you wouldn't need an internet gateway.  Please let us know if this answers your question. Thank you! Brian Anderson

VPC Endpoints for Elastic Disaster Recovery (EDR) Staging

相关内容