Installing the data broker in AWS Edit on GitHub Request doc changes

Contributors netapp-bcammett

When you create a sync relationship, choose the AWS Data Broker option to deploy the data broker software on a new EC2 instance in a VPC. Cloud Sync guides you through the installation process, but the requirements and steps are repeated on this page to help you prepare for installation.

You also have the option to install the data broker on an existing Linux host in the cloud or on your premises. Learn more.

Supported AWS regions

All regions are supported except for the China and GovCloud (US) regions.

Networking requirements

  • The data broker needs an outbound internet connection so it can poll the Cloud Sync service for tasks over port 443.

    When Cloud Sync deploys the data broker in AWS, it creates a security group that enables the required outbound communication. Note that you can configure the data broker to use a proxy server during the installation process.

    If you need to limit outbound connectivity, see the list of endpoints that the data broker contacts.

  • NetApp recommends configuring the source, target, and data broker to use a Network Time Protocol (NTP) service. The time difference between the three components should not exceed 5 minutes.

Permissions required to deploy the data broker in AWS

The AWS user account that you use to deploy the data broker must have the permissions included in this NetApp-provided policy.

Requirements to use your own IAM role with the AWS data broker

When Cloud Sync deploys the data broker, it creates an IAM role for the data broker instance. You can deploy the data broker using your own IAM role, if you prefer. You might use this option if your organization has strict security policies.

The IAM role must meet the following requirements:

Follow the steps below to specify the IAM role when creating the AWS CloudFormation stack.

Installing the data broker

You can install a data broker in AWS when you create a sync relationship.

Steps
  1. Click Create New Sync Relationship.

  2. On the Define Sync Relationship page, choose a source and target and click Continue.

    Complete the steps until you reach the Data Broker page.

  3. On the Data Broker page, click AWS Data Broker.

    If you already have a data broker, you’ll need to click the A screenshot if the plus icon icon first.

    A screenshot of the Data Broker page that enables you to choose between an AWS

  4. Enter a name for the data broker and click Continue.

    The AWS CloudFormation Console loads in a separate browser tab. The Cloud Sync service uses a CloudFormation template to quickly provision the data broker instance. The Cloud Sync service does not have access to your AWS credentials because you are logging in directly to AWS.

  5. Follow the instructions to install the data broker.

    To use your own IAM role, enter the name of the role when you specify details for the AWS CloudFormation stack:

    A screenshot of the AWS CloudFormation Console that shows the IAM role name field.

    The following video shows how to launch the data broker instance:

    The instance takes approximately 5 to 10 minutes to deploy. You can monitor the progress from the AWS CloudFormation console, or you can return to the Cloud Sync service website, which automatically refreshes when the instance is available.

  6. After the data broker is available, click Continue in Cloud Sync.

    The following image shows a successfully deployed instance in AWS:

    This screenshot shows a successfully deployed instance. The interface shows details about the instance including AWS networking.

  7. Complete the pages in the wizard to create the new sync relationship.

Result

You have deployed a data broker in AWS and created a new sync relationship. You can use this data broker with additional sync relationships.