Q: Why would I use AWS Outposts instead of operating in an AWS Region?
You can use Outposts to support your applications that have low latency or local data processing requirements. These applications may need to generate near real-time responses to end user applications or need to communicate with other on-premises systems or control on-site equipment. These can include workloads running on factory floors for automated operations in manufacturing, real-time patient diagnosis or medical imaging, and content and media streaming. You can use Outposts to securely store and process customer data that needs to remain on premises or in countries where there is no AWS region. You can run data intensive workloads on Outposts and process data locally when transmitting data to the cloud is expensive and wasteful and for better control on data analysis, back-up and restore.
Q: In which regions is Outposts available?
Outposts is supported in the following regions and customers can connect their Outposts to the following regions:
|US East (Ohio)||us-east-2|
|US East (N. Virginia)||us-east-1|
|US West (N. California)||us-west-1|
|US West (Oregon)||us-west-2|
|Middle East (Bahrain)||me-south-1|
|Asia Pacific (Sydney)||ap-southeast-2|
|Asia Pacific (Tokyo)||ap-northeast-1|
|Asia Pacific (Seoul)||ap-northeast-2|
|Asia Pacific (Singapore)||ap-southest-1|
|Asia Pacific (Hong Kong)||ap-east-1|
|AWS GovCloud (US-West)||us-gov-west-1|
|AWS GovCloud (US-East)||us-gov-east-1|
Q: In which countries will Outposts be available?
A: Outposts can be shipped to and installed in the following countries
- NA - US, Canada
- EMEA - All EU countries, Switzerland, Norway, and Bahrain
- APAC - Australia, Japan, South Korea, Singapore, and Hong Kong Special Administrative Region
Support for more countries coming soon.
Q: Can I order an Outpost to a country where Outposts has not launched and link it back to a supported Region?
A: No, we can deliver and install Outposts only in countries where Outposts can be delivered and supported.
Q: Can I use Outposts when it is not connected to the AWS Region or in a disconnected environment?
An Outpost relies on connectivity to the parent AWS Region. Outposts are not designed for disconnected operations or environments with limited to no connectivity. We recommend that customers have highly available networking connections back to their AWS Region. If interested in leveraging AWS services in disconnected environments such as cruise ships or remote mining locations, learn more about AWS services such as Snowball Edge which is optimized to operate in environments with limited to no connectivity.
Q: Can Outposts be used to meet data sovereignty requirements?
Outposts may address data sovereignty based on customers’ requirements. You can ensure that sensitive customer data stays on premises. However control plane data (e.g. instance IDs, monitoring metrics, metering records, tags, etc.) will flow back to the AWS Region. This addresses many of the data residency requirements we hear from our customers. We recommend you confirm with your compliance teams to ensure this addresses your residency and sovereignty requirements.
Q: Can S3 for Outposts support data residency or sovereignty requirements?
S3 for Outposts can be configured to never replicate data to the region. However, it is up to the customer to determine if it meets their business needs based on architecture and durability. For instance, certain control plane data such as bucket names and metrics may be stored in the AWS Region for reporting and management. More detail will be available when S3 for Outposts is generally available.
Q: Can I reuse my existing servers in an Outpost?
No, AWS Outposts leverages AWS designed infrastructure, and is only supported on AWS-designed hardware that is optimized for secure, high-performance, and reliable operations.
Q: Is there a software-only version of AWS Outposts?
No, AWS Outposts is a fully managed service that provides you with native access to AWS services.
Q: Can I order my own hardware that can be installed as part of my Outpost rack?
No, AWS Outposts provides fully integrated AWS designed configurations with built in top-of-rack switches and redundant power supply to ensure an ideal AWS experience. You can order as much compute and storage infrastructure as you need by selecting from the range of available Outpost options, or work with us to create a custom combination with your desired EC2 and EBS capacity. These are pre-validated and tested to ensure that you can get started quickly with no additional effort or configuration required on-site.
Q: Can I create EC2 instances using an EBS backed AMI on my Outposts?
A: Yes, you can launch EC2 instances using the AMIs backed with EBS gp2 volume types..
Q: Where are EBS snapshots stored?
A: Any EBS snapshots will be stored using Amazon S3 in the Region associated with your Outpost.
Getting started with ordering & installation
Q: Are there any prerequisites for deploying an Outpost at my location?
A: Your site must support the basic power, networking and space requirements to host an Outpost. Outposts need 5-15 kVA, can support 1/10/40/100 Gbps uplinks, and space for a 42U rack (80” X 24” X 48” dimensions). As Outposts require reliable network connectivity to the AWS Region, you should plan for a public internet connection. Customers must have Enterprise Support, which provides 24x7 remote support within 15 mins.
Security & compliance
Q: Do the same compliance certifications for AWS Services today apply for services on Outposts?
A: No, the existing certifications for AWS Services are applicable to services running entirely in an AWS Region. AWS Outposts and services on Outposts (i.e., launched locally on an Outpost) will go through a separate evaluation for certifications. Compared to certification for other AWS services, with AWS Outposts the customer owns the responsibility for physical security and access controls around the Outpost for compliance certification.
Q: Who is responsible for the physical security of the Outposts at my datacenter?
A: Customers are responsible for attesting to physical security and access controls around the Outpost as part of a shared responsibility model.
Support & maintenance
Q: How does AWS maintain AWS Outposts infrastructure?
A: When your Outpost is installed and is visible in the AWS Management Console, AWS will monitor it as part of the public Region and will automatically execute software upgrades and patches.
If there is a need to perform physical maintenance, AWS will reach out to schedule a time to visit your site. AWS may replace a given module as appropriate but will not perform any host or network switch servicing on customer premises.
Q: What happens when my facility's network connection goes down?
A: EC2 instances and EBS volumes on the Outpost will continue to operate normally and can be accessed locally via the local gateway. Similarly, AWS service resources such as ECS worker nodes continue to run locally. However, API availability will be degraded, for instance run/start/stop/terminate APIs may not work. Instance metrics and logs will continue to be cached locally for a few hours, and will be pushed to the AWS Region when connectivity returns. Disconnection beyond a few hours however may result in loss of metrics and logs. As Route53 DNS will not resolve when disconnected, an on-premises DNS resolver should be used if network disconnections are expected. If you expect to lose network connectivity, we strongly recommend regularly testing your workload to ensure it behaves properly in this state when an Outpost is disconnected.
Q: What type of control plane information flows back to the parent Region?
A: As an example, information about instance health, instance activity (launched, stopped), and the underlying hypervisor system may be sent back to the parent AWS Region. This information enables AWS to provide alerting on instance health and capacity, and apply patches and updates to the Outpost. Your team does not need to implement your own tooling to manage these elements, or to actively push security updates and patches for your Outpost. When disconnected, this information cannot be sent back to the parent Region.