Chapter 11
Service Requirements

THE AWS CERTIFIED ADVANCED NETWORKING – SPECIALTY EXAM OBJECTIVES COVERED IN THIS CHAPTER MAY INCLUDE, BUT ARE NOT LIMITED TO, THE FOLLOWING:

  • Domain 4.0: Configure Network Integration with Application Services
  • images 4.6 Reconcile AWS Cloud service requirements with network requirements

images

Introduction to Service Requirements

The AWS Cloud platform offers over 90 services that customers can leverage. A number of these services either reside within a Virtual Private Cloud (VPC) or have the option to do so. Understanding how the service and networking interactions work, both in general and for each service, is critical for planning and operating networking within AWS. By understanding service requirements and mapping them to network requirements, you can allocate resources appropriately and ensure that AWS Cloud services will operate correctly within your VPC environment.

The Elastic Network Interface

An elastic network interface is a virtual network interface that you can attach to an instance in a VPC. It is more simply referred to as a network interface. Many AWS managed services can be launched with network interfaces to allow them to reside within a VPC, while still having the ability to be managed by AWS. For more information on network interfaces, refer to Chapter 2, “Amazon Virtual Private Cloud (Amazon VPC) and Networking Fundamentals.”

AWS Cloud Services and Their Network Requirements

This section covers AWS Cloud services that have specific network requirements. A description of each service is provided along with the network requirements.

Amazon WorkSpaces

Amazon WorkSpaces is a managed, secure Desktop as a Service (DaaS) solution that runs on AWS. With Amazon WorkSpaces, you can easily provision virtual, cloud-based Microsoft Windows desktops for your users, providing them with access to the documents, applications, and resources they need—anywhere, any time, and from any supported device.

Each WorkSpace desktop is provisioned with two network interfaces. One interface resides in a customer-specified VPC and another resides in an AWS management VPC, which allows for external connectivity from the Amazon WorkSpaces client. The management VPC has a private Classless Inter-Domain Routing (CIDR) of one of the following: 172.31.0.0/16, 192.168.0.0/16, or 198.19.0.0/16. The CIDR is automatically chosen so as not to conflict with the VPC CIDR.

Amazon WorkSpaces Requirements

Amazon WorkSpaces has the following network requirements:

Amazon WorkSpaces client application You’ll need an Amazon WorkSpaces-supported client device. You can also use Personal Computer over Internet Protocol (PCoIP) zero clients to connect to Amazon WorkSpaces. Zero-client connectivity will also require a PCoIP connection manger running in the customer VPC.

A VPC in which to run your WorkSpace You will need a minimum of two subnets for an Amazon WorkSpaces deployment because each AWS Directory Service construct requires two subnets in a Multi-AZ deployment. Each subnet should have sufficient capacity for future growth. Each WorkSpace will have a network interface in one of the VPC subnets.

A directory service to authenticate users and provide access to their WorkSpaces Amazon WorkSpaces currently works with AWS Directory Service and Active Directory. You can use your on-premises Active Directory server with AWS Directory Service to support your existing enterprise user credentials with Amazon WorkSpaces.

Security group(s) to control access for Amazon WorkSpaces Network access to and from the Amazon WorkSpaces customer-specified VPC network interface is controlled by security groups.

Amazon AppStream 2.0

Amazon AppStream 2.0 is a managed, secure application streaming service that allows you to stream desktop applications from AWS to any device running a web browser without rewriting them. Amazon AppStream 2.0 provides users instant-on access to the applications they need and a responsive, fluid user experience on the device of their choice.

A set of applications is run from an Amazon AppStream 2.0 instance, which is dedicated to a single user. A configurable fleet of instances can be created that automatically scales to meet user demand. Each Amazon AppStream 2.0 instance is provisioned with two network interfaces. One interface resides in a customer-specified VPC, and another resides in an AWS management VPC, which allows for external connectivity to the Amazon AppStream 2.0 applications.

Amazon AppStream 2.0 Requirements

Amazon AppStream 2.0 has the following network requirements:

An HTML5-compatible web browser Amazon AppStream 2.0 delivers applications through any modern HTML5-compatible web browser.

A VPC in which to run your Amazon AppStream 2.0 applications You will need at least one subnet for Amazon AppStream 2.0. You should use two subnets for high availability. Each Amazon AppStream 2.0 instance in the fleet will have a network interface in a VPC subnet. A new instance is used for each unique user connection.

Security group(s) to control access for Amazon AppStream 2.0 Network access to/from the Amazon AppStream 2.0 customer-specified VPC network interface is controlled by security groups.

AWS Lambda (Within a VPC)

AWS Lambda is a compute service that lets you run code without provisioning or managing servers. AWS Lambda executes your code only when needed and scales automatically, from a few requests per day to thousands per second. You pay only for the compute time you consume—there is no charge when your code is not running. With AWS Lambda, you can run code for virtually any type of application or back-end service, all with zero administration. AWS Lambda runs your code on a high-availability compute infrastructure and performs all of the administration of the compute resources, including server and operating system maintenance, capacity provisioning and automatic scaling, code monitoring, and logging. All you need to do is supply your code in one of the languages that AWS Lambda supports (Node.js, Java, C#, and Python at the time of this writing).

AWS Lambda runs in a managed network by default, where the networking requirements and scaling are managed by AWS. AWS provides the option to run AWS Lambda functions from within a customer VPC, the requirements for which are discussed in the following subsection.

AWS Lambda Requirements

AWS Lambda (running within a VPC) has the following network requirements:

VPC subnet(s) with sufficient capacity AWS Lambda functions are executed on demand, so the IP address requirement will vary with invocation count. In the most extreme case, this could be up to 1,000 (the current per-region soft limit of concurrent AWS Lambda function executions). For an estimate of the required IP addresses needed, the following calculation can be used:

Projected peak concurrent executions × (Memory in GB/1.5GB)

You should use multiple subnets that span Availability Zones for availability.

Security group(s) to allow access from AWS Lambda AWS Lambda leverages security groups to control network access to each AWS Lambda function. Note that there is limited inbound access built into the AWS Lambda service for security reasons.

Network Address Translation (NAT) for Internet access AWS Lambda functions cannot be assigned public IPs. A NAT gateway or customer-managed NAT instance is required for Internet connectivity.

Amazon EC2 Container Service (Amazon ECS)

Amazon EC2 Container Service (Amazon ECS) is a highly scalable, high-performance container management service that supports Docker containers and allows you to run applications easily. Amazon ECS works in one of two ways: as a managed cluster of Amazon Elastic Compute Cloud (Amazon EC2) instances or as AWS Fargate, a technology for deploying and managing containers without having to manage any of the underlying infrastructure. Amazon ECS eliminates the need for you to install, operate, and scale your own cluster management infrastructure. With simple Application Programming Interface (API) calls, you can launch and stop Docker-enabled applications, query the complete state of your cluster, and access many familiar features like security groups, Elastic Load Balancing, Amazon Elastic Block Store (Amazon EBS) volumes, and AWS Identity and Access Management (IAM) roles.

The default setup in the AWS Management Console will create a new Virtual Private Cloud (VPC) and subnets for your Amazon ECS cluster; however, an existing VPC can be used. Amazon ECS running on managed Amazon EC2 instances uses AWS CloudFormation to create clusters and Amazon EC2 instances, which can all be tracked in the AWS Management Console. These types of containers run within the provisioned Amazon EC2 instances. Amazon ECS running on AWS Fargate, on the other hand, makes use of an AWS-managed container infrastructure. The Application Load Balancer and Network Load Balancer integrate with Amazon ECS, and they can perform mapping of ports to the backend containers.

Each container can either share the networking stack with the underlying Amazon ECS instance or operate with a dedicated network interface. There are four modes for container network connectivity:

Bridge This is the default option, and it works by “bridging” from a container’s internal network into a common Docker network.

Host With this option, containers are directly mapped into the host network.

Awsvpc This option lets you attach an elastic network interface directly to each container. This is the only option for containers running on AWS Fargate.

None This option disables external networking for a container. Amazon ECS Requirements Amazon ECS has the following network requirements:

A VPC in which to run Amazon ECS You will need at least one subnet in which to run Amazon ECS. For availability, multiple subnets in different Availability Zones are recommended. For instance-based Amazon ECS, each instance in the cluster will need an IP in the subnet. If awsvpc mode is used, then each container will need an IP address in the subnet. You should plan ahead so that each subnet has enough available IP addresses.

Security group to control access for Amazon ECS Network access to and from each Amazon ECS instance is controlled by a security group. The security group will need to allow traffic to ports on the containers that are running.

Access to the Internet to reach the Amazon ECS service endpoint Container instances need external network access to communicate with the Amazon ECS service endpoint. If your container instances do not have public IP addresses, then they must use NAT or an HTTP proxy to provide this access.

Amazon EMR

Amazon EMR provides a managed Hadoop framework that makes it easy, fast, and cost effective to process vast amounts of data across dynamically-scalable Amazon EC2 instances. Hadoop is an open source Java software framework that supports data-intensive distributed applications running on large clusters of commodity hardware. You can also run other popular distributed frameworks such as Apache Spark, HBase, Presto, and Flink in Amazon EMR and interact with data in other AWS data stores such as Amazon Simple Storage Service (Amazon S3) and Amazon DynamoDB.

Amazon EMR can be launched in either a public or private subnet. Given the high throughput requirement of the Hadoop framework, an Amazon EMR cluster is launched within a single Availability Zone for performance and cost optimization.

Amazon EMR Requirements

Amazon EMR has the following network requirements:

Domain Name System (DNS) hostnames enabled on your VPC Amazon EMR requires that hostnames be enabled on the VPC for proper hostname-to-address resolution.

Private CIDR for your VPC To ensure that name resolution works correctly, only private IP ranges (10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16) should be used. Using public IPs for the VPC CIDR could cause name resolution issues.

Connectivity to AWS Cloud services At a minimum, access to Amazon S3 is required for logging (an Amazon S3 VPC endpoint can be used for connectivity). Access to Amazon Simple Queue Service (Amazon SQS) is required for debugging support. Amazon DynamoDB connectivity is required if Amazon EMR will interact with Amazon DynamoDB tables (a VPC endpoint can be used).

Amazon Relational Database Service (Amazon RDS)

Amazon Relational Database Service (Amazon RDS) makes it easy to set up, operate, and scale a relational database in the cloud. It provides cost-efficient and resizable capacity while automating time-consuming administration tasks such as hardware provisioning, database setup, patching, and backups. It allows you to focus on your applications so that you can give them the fast performance, high availability, security, and compatibility they need. Amazon RDS is available for six popular data engines: Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server.

Amazon RDS provides high availability and failover support for DB instances using Multi-AZ deployments. Amazon RDS uses several different technologies to provide failover support. Multi-AZ deployments for Oracle, PostgreSQL, MySQL, and MariaDB DB instances use Amazon’s failover technology. SQL Server DB instances use SQL Server Mirroring. Amazon Aurora instances store copies of the data in a DB cluster across multiple Availability Zones in a single region, regardless of whether the instances in the DB cluster span multiple Availability Zones. Read replicas are also available in Amazon RDS for MySQL, MariaDB, and PostgreSQL.

Amazon RDS Requirements

Amazon RDS has the following network requirements:

A VPC in which to run Amazon RDS You will need one subnet in which to run Amazon RDS. If you choose a Multi-AZ deployment, then you will need at least two subnets in differing Availability Zones. If Amazon RDS read replicas are used, then a subnet is required. Amazon RDS subnet groups are used to specify which subnets in a VPC are used for Amazon RDS.

Security group(s) to allow access to Amazon RDS Amazon RDS leverages security groups to control inbound and outbound access to the database.

AWS Database Migration Service (AWS DMS)

AWS Database Migration Service (AWS DMS) helps you migrate databases to AWS quickly and securely. The source database remains fully operational during the migration, minimizing downtime to applications that rely on the database. AWS DMS can migrate your data to and from most widely-used commercial and open source databases.

AWS DMS Requirements

AWS DMS has the following network requirements:

A VPC in which to run AWS DMS You will need at least one subnet in which to run AWS DMS. If you choose a Multi-AZ deployment, then you will need at least two subnets in different Availability Zones. Multi-AZ deployment is recommended for high availability. If Internet connectivity is required, then the AWS DMS instance(s) should reside in either a public subnet with a public IP or in a private subnet with a NAT gateway or NAT instance. Private connectivity to AWS DMS is recommended.

Security group(s) to allow access for AWS DMS AWS DMS leverages security groups to control inbound and outbound access to databases. Security groups will need to be configured to allow outbound access to each database that the service will use as either a source or target.

Amazon Redshift

Amazon Redshift is a fast, managed data warehouse that makes it simple and cost effective to analyze all of your data using standard SQL and your existing Business Intelligence (BI) tools. It allows you to run complex analytic queries against petabytes of structured data, using sophisticated query optimization, columnar storage on high-performance local disks, and massively parallel query execution. Most results come back within seconds.

With Amazon Redshift, there is a leader node and one or more compute nodes. Compute nodes store data and execute your queries. The leader node is the access point for Open Database Connectivity (ODBC)/Java Database Connectivity (JDBC) and generates the query plans executed on the compute nodes. Users do not interact directly with the compute nodes.

Amazon Redshift can be deployed in either a standard or enhanced routing configuration. With enhanced VPC, all traffic is forced to flow through the VPC. Enhanced VPC routing affects the way that Amazon Redshift accesses other resources, so COPY and UNLOAD commands might fail unless you configure your VPC correctly. You must specifically create a network path between your cluster’s VPC and your data resources.

Amazon Redshift Requirements

Amazon Redshift has the following network requirements:

A VPC in which to run Amazon Redshift You will need a subnet in which to run Amazon Redshift. The subnet must have enough IP addresses for each node plus an additional IP address for the leader node. AWS provides the option to allow public IPs. If public connectivity is required, then a public subnet should be used.

Security group(s) for cluster access At least one security group is required to control access to the cluster.

DNS hostnames enabled on your VPC Amazon Redshift requires that hostnames be enabled on the VPC for proper hostname-to-address resolution.

If enhanced routing is configured:

Connectivity to Amazon S3 Connectivity to Amazon S3 buckets in the same region can be accomplished through an Amazon S3 VPC endpoint. Connectivity to Amazon S3 in another region or to public AWS Cloud services will require either a public IP and an Internet gateway, NAT gateway, or NAT instance.

AWS Glue

AWS Glue is a managed Extract, Transform, and Load (ETL) service that makes it easy for customers to prepare and load their data for analytics. You can create and run an ETL job with a few clicks in the AWS Management Console. You simply point AWS Glue to your data stored on AWS, and AWS Glue discovers your data and stores the associated metadata (for example, table definition and schema) in the AWS Glue Data Catalog. Once cataloged, your data is immediately searchable, queryable, and available for ETL. AWS Glue generates the code to execute your data transformations and data loading processes.

AWS Glue Requirements

AWS Glue has the following network requirements:

A VPC in which to run AWS Glue Each AWS Glue connection to a data source requires network interfaces within a subnet in a VPC.

Security group(s) to allow access from Glue Glue leverages security groups to control access to data sources. At least one security group with access to the data source is required. AWS Glue also requires one or more security groups with an inbound source rule that allows AWS Glue to connect (a self-referencing rule allowing all inbound traffic to the security group).

NAT for Internet access AWS Glue network interface functions cannot be assigned public IPs. If AWS Glue will be accessing data sources over public IP addresses, then a NAT gateway or customer-managed NAT instance is required for Internet connectivity.

AWS Elastic Beanstalk

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with Java, .NET, PHP, Node.js, Python, Ruby, Go, and Docker on familiar servers such as Apache, Nginx, Passenger, and IIS.

You can simply upload your code, and AWS Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, and automatic scaling to application health monitoring. At the same time, you retain full control over the AWS resources powering your application and can access the underlying resources at any time.

AWS Elastic Beanstalk can be configured to scale and load balance an application automatically through a simple web Graphical User Interface (GUI) without the need for manual configuration of resources. AWS CloudFormation is used to create and manage an AWS Elastic Beanstalk application environment. The status of the deployment can be tracked from the AWS CloudFormation section of the AWS Management Console. Amazon EC2 resources that are created can be viewed from the Amazon EC2 console.

AWS Elastic Beanstalk Requirements

AWS Elastic Beanstalk has the following network requirements:

A VPC in which to run AWS Elastic Beanstalk If no customization is made, the default VPC is selected for use with AWS Elastic Beanstalk. If custom networking is configured, then a VPC (with subnets and an Internet gateway), security groups, network Access Control Lists (ACLs), and routing must be properly configured for the applications to be accessible. The architecture will vary based on the connectivity needs of the application being deployed and public versus private deployment.

Security group(s) to allow access AWS Elastic Beanstalk leverages security groups to control access to Amazon EC2 instances. Inbound rules for the Amazon EC2 instances, or a load balancer if load balancing is used, is required for connectivity to the AWS Elastic Beanstalk application. Outbound access to User Datagram Protocol (UDP) port 123 is required to allow Network Time Protocol (NTP) traffic for time synchronization.

Internet connectivity AWS Elastic Beanstalk requires Internet connectivity either directly through the assignment of public IP addresses or through NAT. Note that using a proxy server is not supported for Linux instances.

Summary

In this chapter, you reviewed AWS Cloud services and their network requirements.

Amazon WorkSpaces is a virtual desktop solution delivered through the Amazon WorkSpaces client application or zero-client hardware. At least two subnets are required to allow connectivity of virtual desktops to other resources running within a VPC. A directory service running within the VPC is required for user authentication.

Amazon AppStream 2.0 is an application streaming service that works with a standard HTML5-compatible web browser. One or two subnets are used to allow connectivity of applications to other resources running within a VPC. (Multiple subnets should be used for availability.)

AWS Lambda is a serverless code execution service. AWS Lambda can run without a VPC or can be placed in a VPC to allow for access to resources within a VPC. (Multiple subnets should be used for availability.) If Internet access is required for AWS Lambda running within a VPC, then NAT must be used.

Amazon ECS is a container management service. Amazon ECS manages Amazon EC2 instances that are used to run containers. The container instance requires at least one subnet, and multiple subnets in different Availability Zones are recommended for high availability.

Amazon EMR is a managed Hadoop framework. Amazon EMR requires a subnet in which to run. Private IP addresses are required for the VPC CIDR along with DNS hostnames enabled. Connectivity to Amazon S3 is required for logging. Access to Amazon SQS is required for debugging, and access to Amazon DynamoDB is required if working with data in Amazon DynamoDB tables.

Amazon RDS is a service that provides managed relational databases with support for Amazon Aurora, PostgreSQL, MySQL, MariaDB, Oracle, and Microsoft SQL Server. The service requires at least one subnet (two or more for Multi-AZ).

AWS DMS facilitates the migration of data between databases of the same or differing types. AWS DMS requires at least one subnet, and two are required for a Multi-AZ deployment.

Amazon Redshift is managed data warehouse. An Amazon Redshift cluster requires a subnet and can either be public or private. It requires that DNS hostnames be enabled on the VPC. You have the option to enable enhanced VPC routing to force all traffic to go through the VPC. If enhanced VPC routing is enabled, then connectivity to Amazon S3 must be provided.

AWS Glue is a managed ETL service. A connection to a data source requires network interfaces that reside in a subnet. AWS Glue also requires one or more security groups with an inbound source rule that allows AWS Glue to connect (a self-referencing rule allowing all inbound traffic to the security group).

AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services. The default option selects the default VPC for deployment. Optionally, a custom VPC can be used. Security groups need to be configured to allow outbound connectivity to NTP and inbound connectivity from the AWS Elastic Beanstalk application clients. Internet connectivity is required for the Amazon EC2 instances that are launched, either through direct public IP assignment or NAT.

Understanding the requirements of each service will greatly assist in mapping to network requirements and help you effectively design for the appropriate network access. This knowledge will contribute to your ability to design and identify appropriate network architectures for the exam.

Exam Essentials

Understand what an elastic network interface in an Amazon VPC subnet is and how it is used. Many AWS Cloud services can reside within a VPC. An elastic network interface connected to a VPC subnet facilitates this connectivity.

Understand the Internet connectivity requirements for each service. Some services and deployment options will require Internet connectivity. This connectivity can be accomplished through the use of NAT, public IP address, or proxy. The appropriate type of connectivity will vary with each service. In general, NAT can be used with most services.

Understand the VPC architecture for each service. At least two subnets in differing Availability Zones should be used for each AWS service. Many services, like AWS Lambda and Amazon ECS, support the use of more than two Availability Zones for additional redundancy and scale.

Understand the interconnectivity requirements between services. The AWS ecosystem of services often work hand-in-hand to provide capabilities. For example, AWS Glue can perform ETL across varying on-premises and AWS resources and Amazon WorkSpaces can use several AWS services for authentication. Understanding these requirements and interconnection points is key to designing an appropriate network architecture.

Resources to Review

For further information, refer to the following pages on the AWS website.

Amazon WorkSpaces: https://aws.amazon.com/workspaces/

Amazon AppStream 2.0: https://aws.amazon.com/appstream2/

Amazon RDS: https://aws.amazon.com/rds/

AWS DMS: https://aws.amazon.com/dms/

Amazon EMR: https://aws.amazon.com/emr/

Amazon Redshift: https://aws.amazon.com/redshift/

AWS Glue: https://aws.amazon.com/glue/

AWS Elastic Beanstalk: https://aws.amazon.com/elasticbeanstalk/

AWS Lambda: https://aws.amazon.com/lambda/

Exercises

The best way to become familiar with AWS Cloud services and their requirements is to experiment with them through the AWS Management Console. There is no substitute for the experience that comes from working with the AWS environment and becoming familiar with networking requirements.

When you are done with each exercise, be sure to delete the resources you created to avoid usage fees.





Review Questions

  1. Which AWS Cloud service provides end-user connectivity to applications running within a Virtual Private Cloud (VPC)? (Choose two.)

    1. Remote Desktop Protocol
    2. PCoIP
    3. Amazon AppStream 2.0
    4. Amazon WorkSpaces

  2. How many network adapters are attached to a WorkSpace instance?

    1. 1
    2. 2
    3. 3
    4. 4

  3. How can AWS Lambda connect to the Internet when running in a Virtual Private Cloud (VPC)? (Choose two.)

    1. Internet gateway
    2. NAT Instance
    3. NAT gateway
    4. Public IP

  4. Amazon EMR requires which of the following? (Choose three.)

    1. DNS hostnames enabled on a VPC
    2. Private IP addresses
    3. Internet connectivity
    4. Amazon S3 connectivity

  5. What AWS Cloud service allows for serverless code execution?

    1. Amazon EC2
    2. Amazon RDS
    3. Amazon EMR
    4. AWS Lambda

  6. How can users reach the Internet through Amazon WorkSpaces? (Choose two.)

    1. No action is required; this is enabled by default.
    2. Through a public IP address assigned to each instance with an Internet gateway attached to the VPC
    3. Through a NAT gateway
    4. Specify Internet connectivity in the WorkSpace configuration.

  7. Which service provides managed database instances?

    1. Amazon ECS
    2. Amazon RDS
    3. AWS Lambda
    4. Amazon SQS

  8. What is required for Amazon RDS high availability?

    1. Multi-AZ deployment with two subnets
    2. Amazon RDS snapshots
    3. Multi-AZ deployment with one subnet
    4. High availability is provided by default

  9. Which service will automatically provision and scale an application infrastructure with a user only needing to provide application code?

    1. Amazon ECS
    2. Elastic Load Balancing
    3. AWS Elastic Beanstalk
    4. AWS CloudFormation

  10. A developer wants to create a simple application to run on AWS using AWS Elastic Beanstalk. What must the network administrator set up?

    1. Load balancers
    2. Amazon EC2
    3. Security groups
    4. None of the above

  11. An application developer wants to replicate data automatically between an on-premises database and Amazon RDS asynchronously between different database engines. What steps will allow this? (Choose two.)

    1. Create an AWS DMS instance.
    2. Allow access to the database server on-premises from with a VPC.
    3. Open all database servers up for Internet connectivity.
    4. Create a security group to allow connectivity between the Amazon RDS and the on-premises databases.

  12. Your team is going to provision a 10-node Amazon Redshift cluster. How many IP addresses should be available in the subnet?

    1. 9
    2. 10
    3. 11
    4. 12

  13. Your team has created a Multi-AZ Amazon RDS instance. The front-end application tier connects to the database through a custom DNS A record. After the primary database fails, the front-end application server can no longer reach the database. What change needs to be made to ensure availability in the event of a failover?

    1. The A name needs to be updated.
    2. The primary Amazon RDS instance needs to be restored.
    3. The application needs to use the IP address of the secondary Amazon RDS instance.
    4. The application needs to use the Amazon RDS hostname to connect to the database.
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.227.52.208