To perform data protection operations, Amazon EC2 access nodes must have connectivity to regional and global AWS service endpoints.
Important: Commvault does not support use of Federal Information Processing Standard (FIPS) service endpoints to secure data transfer or data at-rest when protecting FIPS-enabled AWS services. For information see Federal Information Processing Standard (FIPS) 140-2 on the AWS website.
Regional Endpoints
AWS service | AWS link for endpoints | How Commvault uses connectivity |
---|---|---|
Amazon Aurora | https://docs.aws.amazon.com/en_us/general/latest/gr/aurora.html | |
Amazon DocumentDB | https://docs.aws.amazon.com/en_us/general/latest/gr/amazondocdb.html | To perform data management and protection for Amazon DocumentDB data |
Amazon DynamoDB | https://docs.aws.amazon.com/en_us/general/latest/gr/ddb.html | To perform data management and protection for Amazon DynamoDB data |
Amazon EBS direct APIs | https://docs.aws.amazon.com/general/latest/gr/ebs-service.html | To perform data management and protection for Amazon EBS volumes |
Amazon EC2 | https://docs.aws.amazon.com/general/latest/gr/ec2-service.html |
|
Amazon EFS | https://docs.aws.amazon.com/en_us/general/latest/gr/elasticfilesystem.html | |
Amazon EKS | ||
Amazon FSx | https://docs.aws.amazon.com/en_us/general/latest/gr/fsxn.html | |
Amazon RDS | https://docs.aws.amazon.com/general/latest/gr/rds-service.html | To perform data management and protection for Amazon RDS data |
Amazon Redshift | https://docs.aws.amazon.com/en_us/general/latest/gr/redshift-service.html | To perform data management and protection for Amazon Redshift data. |
Amazon S3 |
| |
Amazon S3 Glacier | https://docs.aws.amazon.com/en_us/general/latest/gr/glacier-service.html | |
Amazon S3 on Outposts | https://docs.aws.amazon.com/general/latest/gr/outposts_region.html#outposts_region_s3 | |
Amazon VPC | https://docs.aws.amazon.com/en_us/general/latest/gr/vpc-service.html | |
AWS KMS | https://docs.aws.amazon.com/en_us/general/latest/gr/kms.html | To perform secure data management and protection for AWS services that contain data encrypted with AWS Key Management Service (KMS) encryption keys |
STS AssumeRole | To obtain temporary credentials from the AWS Secure Token Service (STS), which are used in the data management and protection of AWS services | |
Systems Manager |
Note: Both global and regional endpoint access is required. | |
Systems Manager |
Global Endpoints
AWS service | AWS link for endpoints | How Commvault uses connectivity |
---|---|---|
Amazon RDS | https://docs.aws.amazon.com/general/latest/gr/rds-service.html | |
Amazon S3 | ||
Amazon S3 Glacier | https://docs.aws.amazon.com/en_us/general/latest/gr/glacier-service.html | |
AWS IAM | https://docs.aws.amazon.com/en_us/general/latest/gr/iam-service.html | To secure and provide access to AWS services |
AWS security tokens | ||
Instance import/export |
Impact Level Six (IL6) Endpoints
AWS Security Token Service (STS) is not supported for IL6 endpoints.
Related Topics
For AWS documentation about service endpoints, see AWS service endpoints.