AWS Outposts Documentation
AWS Outposts is a family of fully managed solutions designed to deliver managed AWS infrastructure, native AWS services, APIs, and tools to customers at their on-premises facilities. AWS Outposts help to enable applications that need to run on premises due to low latency, local data processing, or local data storage needs while reducing the undifferentiated heavy lifting required to procure, manage, and upgrade on premises infrastructure.
AWS Outposts racks
Compute & storage
You can choose from a range of pre-validated Outposts rack configurations offering a mix of EC2, EBS, and S3 capacity designed to meet a variety of application and data residency needs. You can also contact AWS to create a customized configuration designed for your unique application needs.
Compute
The AWS Outposts racks catalog includes options supporting the latest generation Intel powered EC2 instance types with or without local instance storage.
Storage
The AWS Outposts rack catalog includes Amazon EBS, Amazon S3 on Outposts, Amazon EBS Snapshots, CloudEndure migration, and CloudEndure Disaster Recovery storage options.
Networking
VPC extension
You can extend your existing Amazon VPC to your Outpost rack in your on-premises location. After installation, you can create a subnet in your regional VPC and associate it with an Outpost rack just as you associate subnets with an Availability Zone in an AWS Region. Instances in Outpost rack subnets communicate with other instances in the AWS Region using private IP addresses, all within the same VPC.
Local gateway
Load Balancer
You can provision an Application Load Balancer (ALB) to distribute incoming HTTP(S) traffic across multiple targets on your Outposts rack, such as Amazon EC2 instances, containers, and IP addresses. ALB on Outposts rack is designed to operate in a single subnet, and scale up to the capacity available on the Outposts rack to meet varying levels of application load.
Private Connectivity
Direct VPC routing and Customer-owned IP
Direct VPC routing for AWS Outposts allows your on-premises environment to directly communicate with the Outpost using the private subnets configured in the VPC. Alternatively, you can use the Customer-owned IP (CoIP) routing mode where the Outpost uses a separate IP address pool provided by you from your on-premises network.
AWS services on Outposts
You can run a variety of AWS services locally to build and run your applications on premises including Amazon ECS, Amazon EKS, Amazon RDS on Outposts, Amazon ElastiCache on Outposts, and Amazon EMR. Additionally, you can use AWS tools such as AWS CloudFormation, Amazon CloudWatch, AWS CloudTrail, Elastic BeanStalk, Cloud 9, and others to run and manage applications on Outposts rack.
Upgrading services running on Outposts
As new versions of AWS services become available in the cloud, AWS services running locally on Outposts rack will be upgraded to the latest version.
Access regional services
AWS Outposts rack is designed to be an extension of the AWS Region. You can extend your Amazon Virtual Private Cloud on premises and connect to a broad range of services available in the AWS Region.
Security and Compliance
Enhanced security with AWS Nitro
AWS Outposts rack builds on the AWS Nitro System technologies that enables AWS to provide enhanced security that helps monitor, protect, and verify your Outpost’s instance hardware and firmware.
Security model
AWS Outposts rack have an updated shared responsibility model underlying security. AWS is responsible for protecting Outposts racks’ infrastructure. Customers are responsible for securing their applications running on Outposts rack as they do in the Region. With Outposts rasck, customers are also responsible for the physical security of their Outpost racks, and for ensuring consistent networking to the Outpost rack.
High availability
Resource Sharing
AWS Outposts rack support for AWS Resource Access Manager (RAM) lets customers share access to Outposts rack resources.
AWS Outposts servers
Compute & storage
Compute
AWS Outposts servers includes a 1U server that supports Arm-based AWS Graviton2 powered EC2 instances, and a 2U server that supports 3rd generation Intel Xeon Scalable powered EC2 instances.
Storage
Networking
VPC extension
You can extend your existing Amazon Virtual Private Cloud (VPC) to your Outposts server in your on-premises location. After installation, you can create a subnet in your regional VPC and associate it with an Outpost just as you associate subnets with an Availability Zone in an AWS Region. Instances in Outpost subnets communicate with other instances in the AWS Region using private IP addresses, all within the same VPC.
Local network interface (LNI)
Outposts servers have an LNI that provides a Layer 2 presence on your local network for AWS service endpoints.
AWS services on Outposts
Locally supported AWS Services
You can run ECS, IoT Greengrass, or Sagemaker Edge Manager locally on Outposts servers, and connect to the AWS Region for a broad range of services available in the AWS Region.
Access regional services
AWS Outposts servers are an extension of the AWS Region. You can extend your Amazon VPC on premises and connect to a broad range of services available in the AWS Region. You can access all regional AWS services in your private VPC environment — for example, through interface endpoints, gateway endpoints, or their regional public endpoints.
AWS tools
You can access AWS tools running in the Region — for example, AWS CloudFormation, Amazon CloudWatch, AWS CloudTrail, Amazon Elastic Beanstalk, and AWS Cloud9.
Security and Compliance
Enhanced security with the AWS Nitro System
AWS Outposts servers are built on the Nitro System, which enables AWS to provide enhanced security that helps monitor, protect, and verify your Outpost’s instance hardware and firmware.
Security model
AWS Outposts servers have an updated shared responsibility model underlying security. AWS is responsible for protecting infrastructure for Outposts servers similar to how it secures infrastructure in the cloud today. You’re responsible for securing your applications running on Outposts servers as you do in the Region today. You’re also responsible for the physical security of your Outpost servers and ensuring consistent networking to them.
Additional Information
For additional information about service controls, security features and functionalities, including, as applicable, information about storing, retrieving, modifying, restricting, and deleting data, please see https://docs.aws.amazon.com/index.html. This additional information does not form part of the Documentation for purposes of the AWS Customer Agreement available at http://aws.amazon.com/agreement, or other agreement between you and AWS governing your use of AWS’s services.