Requirements for Connectivity to AWS Service Endpoints

Updated

To perform data protection operations, Amazon EC2 access nodes must have connectivity to regional and global AWS service endpoints.

Regional Endpoints

AWS service

AWS link for endpoints

How Commvault uses connectivity

Amazon Aurora

https://docs.aws.amazon.com/en_us/general/latest/gr/aurora.html

Amazon DocumentDB

https://docs.aws.amazon.com/en_us/general/latest/gr/amazondocdb.html

To perform data management and protection for Amazon DocumentDB data

Amazon DynamoDB

https://docs.aws.amazon.com/en_us/general/latest/gr/ddb.html

To perform data management and protection for Amazon DynamoDB data

Amazon EBS direct APIs

https://docs.aws.amazon.com/general/latest/gr/ebs-service.html

To perform data management and protection for Amazon EBS volumes

Amazon EC2

https://docs.aws.amazon.com/general/latest/gr/ec2-service.html

  • To perform data management and protection for Amazon EC2 instances

  • To discover Amazon Virtual Private Clouds (VPCs)

Amazon EFS

https://docs.aws.amazon.com/en_us/general/latest/gr/elasticfilesystem.html

Amazon EKS

https://docs.aws.amazon.com/general/latest/gr/eks.html

Amazon FSx

https://docs.aws.amazon.com/en_us/general/latest/gr/fsxn.html

Amazon Outposts

https://docs.aws.amazon.com/general/latest/gr/outposts_region.html

Amazon RDS

https://docs.aws.amazon.com/general/latest/gr/rds-service.html

To perform data management and protection for Amazon RDS data

Amazon Redshift

https://docs.aws.amazon.com/en_us/general/latest/gr/redshift-service.html

To perform data management and protection for Amazon Redshift data.

Amazon S3

https://docs.aws.amazon.com/general/latest/gr/s3.html

  • To perform data management and protection for Amazon S3 data

  • To store and replicate backup data to Amazon S3, Amazon S3 Glacier, and Amazon S3 Glacier DeepArchive cloud libraries

Amazon S3 Glacier

https://docs.aws.amazon.com/en_us/general/latest/gr/glacier-service.html

Amazon VPC

https://docs.aws.amazon.com/en_us/general/latest/gr/vpc-service.html

AWS KMS

https://docs.aws.amazon.com/en_us/general/latest/gr/kms.html

To perform secure data management and protection for AWS services that contain data encrypted with AWS Key Management Service (KMS) encryption keys

STS AssumeRole

https://docs.aws.amazon.com/general/latest/gr/sts.html

To obtain temporary credentials from the AWS Secure Token Service (STS), which are used in the data management and protection of AWS services

Systems Manager

https://docs.aws.amazon.com/general/latest/gr/ssm.html

Note: Both global and regional endpoint access is required.

Systems Manager

https://docs.aws.amazon.com/general/latest/gr/ssm.html

Global Endpoints

For AWS documentation about service endpoints, see AWS service endpoints.