AWS Outposts delivers fully managed AWS infrastructure, native AWS services, APIs, and tools to virtually any customer on premises facility. AWS Outposts enables applications that need to run on premises due to low latency, local data processing, or local data storage needs while removing the undifferentiated heavy lifting required to procure, manage, and upgrade on premises infrastructure.
Compute & storage
You can choose from a range of pre-validated Outposts configurations offering a mix of EC2, EBS, and S3 capacity designed to meet a variety of application and data residency needs. You can also contact AWS to create a customized configuration designed for your unique application needs.
AWS Outposts catalog includes options supporting the latest generation Intel powered EC2 instance types with or without local instance storage.
General purpose (M5/M5d) instances provide a balance of compute, memory, and network resources and can be used for general-purpose workloads, web and application servers, backend servers for enterprise applications, gaming servers, and caching fleets.
Compute optimized (C5/C5d) instances are optimized for compute-intensive workloads and deliver cost-effective high performance at a low price per compute ratio. They are suited for compute intensive applications such as batch processing, media transcoding, high performance web servers, high performance computing (HPC), scientific modeling, dedicated gaming servers and ad server engines, machine learning inference.
Memory optimized (R5/R5d) instances are designed to deliver fast performance for workloads that process large data sets in memory. They are well suited for memory intensive applications such as high-performance databases, distributed web scale in-memory caches, mid-size in-memory databases, real- time big data analytics.
Graphics optimized (G4dn) are designed to help accelerate machine learning inference and graphics-intensive workloads. They can be used for machine learning inference for applications like adding metadata to an image, object detection, recommender systems, automated speech recognition, and language translation. They also provide a very cost-effective platform for building and running graphics-intensive applications, such as remote graphics workstations, video transcoding, photo-realistic design, and game streaming in the cloud.
I/O optimized (I3en) provides dense Non-Volatile Memory Express (NVMe) SSD instance storage optimized for low latency, high random I/O performance, high sequential disk throughput, and offers the lowest price per GB of SSD instance storage on Amazon EC2. It is well suited for NoSQL databases (Cassandra, MongoDB, Redis), in-memory databases (SAP HANA, Aerospike), scale-out transactional databases, distributed file systems, data warehousing, Elasticsearch, analytics workloads.
Support for EC2 instances powered by Graviton processors such as C6g, M6g, and R6g is coming in 2021.
Amazon EBS: AWS Outposts offers local instance storage, and Elastic Block Store (EBS) gp2 volumes for persistent block storage. Just as in the AWS Region, you can use EBS gp2 volumes for boot or data volumes, and attach or detach EBS volumes to EC2 instances on your Outpost. It provides snapshot and restore capabilities and lets you increase volume size without any performance impact. All EBS volumes and snapshots on Outposts are fully encrypted by default. Any EBS snapshots will be stored using Amazon S3 in the Region associated with your Outpost. EBS is offered in tiers of 2.7 TB, 11 TB, 33 TB, and 55 TB*.
Amazon S3: Amazon S3 on Outposts delivers object storage to your on-premises AWS Outposts environment. Using the S3 APIs and features available in AWS Regions today, S3 on Outposts makes it easy to store and retrieve data on your Outpost, as well as secure the data, control access, tag, and report on it. Using S3 on Outposts, you can store data on your Outpost to meet local data residency requirements, or satisfy demanding performance by keeping data close to on-premises applications. S3 on Outposts provides a new Amazon S3 storage class, named ‘S3 Outposts’, which uses the S3 APIs, and is designed to durably and redundantly store data across multiple devices and servers on your Outposts. To get started using S3 on Outposts, visit the AWS Outposts Management Console to order an Outposts configuration that includes S3 storage or to add S3 storage to an existing Outposts you can work with your account team.
You can seamlessly extend your existing Amazon VPC to your Outpost in your on premises location. After installation, you can create a subnet in your regional VPC and associate it with an Outpost just as you associate subnets with an Availability Zone in an AWS Region. Instances in Outpost subnets communicate with other instances in the AWS Region using private IP addresses, all within the same VPC.
Each Outpost provides a new local gateway (LGW) that allows you to connect your Outpost resources with your on premises networks. LGW enables low latency connectivity between the Outpost and any local data sources, end users, local machinery and equipment, or local databases.
You can provision an Application Load Balancer (ALB) to automatically distribute incoming HTTP(S) traffic across multiple targets on your Outposts, such as Amazon EC2 instances, containers, and IP addresses. ALB on Outposts is fully managed, operates in a single subnet, and scales automatically up to the capacity available on the Outposts rack to meet varying levels of application load without manual intervention.
With AWS Outposts Private Connectivity, you can establish a service link VPN connection from your Outposts to the AWS Region over AWS Direct Connect. Private Connectivity minimizes public internet exposure and removes the need for special firewall configurations.
AWS services on Outposts
You can run a variety of AWS services locally to build and run your applications on premises.
Amazon ECS: Run highly scalable, high-performance container orchestration service that supports Docker containers and allows you to easily run and scale containerized applications on Outposts. With ECS on Outposts you can run containerized applications that require low latencies to on premises systems. Amazon ECS running on Outposts eliminates the need for you to install and operate your own container orchestration software, manage and scale a cluster of virtual machines, or schedule containers on those virtual machines in your on premises environments. With simple API calls, you can launch and stop Docker-enabled applications and query the complete state of your application with the same ease as you manage containers as in the cloud today.
Amazon EKS: Amazon EKS is a managed service that makes it easy for you to run Kubernetes on AWS without needing to install and operate your own Kubernetes control plane. You can use EKS on Outposts to run containerized applications that require particularly low latencies to on premises systems. With EKS on Outposts, you can manage containers on premises with the same ease as you manage your containers in the cloud.
Amazon RDS on AWS Outposts: Amazon RDS on AWS Outposts supports MySQL and PostgreSQL database engines, with support for additional database engines coming soon. Amazon Relational Database Service (RDS) makes it easy to set up, operate, and scale a relational database in the cloud. Amazon RDS provides cost-efficient and resizable capacity while automating time-consuming administration tasks including infrastructure provisioning, database setup, patching, and backups, freeing you to focus on your applications. Amazon RDS on AWS Outposts brings these same benefits to your on premises Outposts deployments. You can run fully managed databases on premises for low latency workloads that need to be run in close proximity to on premises data and applications. You can manage RDS databases both in the cloud and on premises using the same AWS Management Console, APIs, and CLI. It also enables low-cost, high-availability hybrid deployments, with disaster recovery back to the AWS Region, read replica bursting to Amazon RDS in the cloud, and long-term archival in Amazon Simple Storage Service (Amazon S3) in the cloud.
Amazon ElastiCache on AWS Outposts: Amazon ElastiCache is a fully managed in-memory data store, compatible with Redis or Memcached, optimized for real-time applications with sub-millisecond latency. Amazon ElastiCache on AWS Outposts allows you to seamlessly set up, run, and scale popular open-Source compatible in-memory data stores on AWS Outposts capacities, as in the cloud. You can build data-intensive apps or boost the performance of your existing databases by retrieving data from high throughput and low latency in-memory data stores. Amazon ElastiCache on Outposts enables real-time use cases like Caching, Session Stores, Gaming, Geospatial Services, Real-Time Analytics, and Queuing, when deployed for local-data processing and low-latency applications.
Amazon EMR: Amazon EMR clusters running on AWS Outposts in your data center, co-location space, or on premises facility provide a truly consistent and seamless hybrid cloud analytics experience. You can deploy secure and managed EMR clusters in your data center in minutes. This gives business users the latest versions of Apache Spark, Apache Hive, and Presto to access critical on premises data sources and systems for big data analytics. When launching an EMR cluster into an Outpost, you can use the EMR console, SDK, or CLI to specify the subnet associated with your Outpost. Your EMR clusters run in the on premises Outpost instance and appear in the EMR console like any other cluster.
Upgrading services running on Outposts
As new versions of AWS services become available in the cloud, AWS services running locally on Outposts will be upgraded automatically to the latest version just as in the cloud today. Services such as Amazon RDS on AWS Outposts patch both OS and database engines within scheduled maintenance windows with minimum downtime.
Access regional services
AWS Outposts is an extension of the AWS Region. You can seamlessly extend your Amazon Virtual Private Cloud on premises and connect to a broad range of services available in the AWS Region. You can access all regional AWS services in your private VPC environment, for example, through Interface Endpoints, Gateway Endpoints, or their regional public endpoints.
You can access AWS tools running in the region such as AWS CloudFormation, Amazon CloudWatch, AWS CloudTrail, Elastic BeanStalk, Cloud 9, and others to run and manage applications on Outposts the same way as you do in the cloud today.
Security & compliance
Enhanced security with AWS Nitro
AWS Outposts builds on the AWS Nitro system technologies that enables AWS to provide enhanced security that continuously monitors, protects, and verifies your Outpost’s instance hardware and firmware. With AWS Nitro, virtualization resources are offloaded to dedicated hardware and software minimizing the attack surface. Finally, Nitro System's security model is locked down and prohibits administrative access, eliminating the possibility of human error and tampering.
AWS Outposts have an updated shared responsibility model underlying security. AWS is responsible for protecting Outposts’ infrastructure similar to how it secures infrastructure in the cloud today. Customers are responsible for securing their applications running on Outposts as they do in the Region today. With Outposts, customers are also responsible for the physical security of their Outpost racks, and for ensuring consistent networking to the Outpost.
Data-at-rest: Data is encrypted at rest by default on EBS volumes, and S3 objects on Outposts.
Data-in-transit: Data is encrypted in transit between Outposts and the AWS Region,through the Service Link.
Deleting data: All data is deleted when instances are terminated in the same way as in the AWS Region.
Outposts are designed for high availability with redundant top of rack networking switches, power elements, and built-in, always active, additional capacity (if provisioned) to enable reliable auto recovery workflows the same way as in AWS Regions. Similar to AWS Auto Scaling in the cloud today, we recommend best practices for high availability deployments and auto recovery workflows for easy failover in case of any underlying host issue. Customers can also deploy multiple Outposts at a site, each tied to a different Availability Zone for even higher availability.
AWS Resource Access Manager
AWS Outposts support for AWS Resource Access Manager (RAM) lets customers share access to Outposts resources – EC2 instances, EBS volumes, subnets, and local gateways (LGWs) – across multiple accounts under the same AWS organization. This new capability allows distributed teams and business units in customer organization to configure VPCs, launch and run instances, and create EBS volumes on the shared Outpost.