While DDVE is running in AWS cloud, customers can backup and restore their operational data from an S3 object store.
Observe these requirements:
Storage tier - DDVE on AWS supports Active Tier (Cloud Tier is not supported).
Storage class - AWS provides multiple storage classes (Standard S3, Standard-IA, and so on). Standard S3 offers high durability, availability, and performance for frequently accessed data. DDVE on AWS supports Standard S3.
The following sections provide general guidelines to deploy, configure, and run DDVE on AWS with Active Tier on S3 storage.
The high-level steps are as follows:
Configure the network environment.
For secure access to the DDVE, follow the best practices recommended by AWS for your VPC architecture. Configure the following components:
VPC
Subnet
Route tables
Security groups
Network access control list
NOTE Make sure to allow DDVE inbound and outbound access to S3. If you are unsure which S3 IP addresses to allow, refer to the route table entry for S3 endpoint.
VPC Gateway endpoint for connectivity to S3
NOTE DDVE supports standard endpoint format. If you configure firewall rules for endpoints, requests that map to the standard endpoints (*.s3.<region>.amazonaws.com) must be allowed. If you configure firewall rules to allow only *.s3.amazonaws.com, then *.s3.us-east-1.amazonaws.com must be allowed.