Client-Side Network Resources - AWS

The following table provides a list of resources required for client-side network configuration.

Field | Example Value | Where to find this information
Stack Name | dhs-vpc-bastion-stack | The name for this collection of AWS network resources. The stack name is generated by the user.
Availability Zone | us-east-1a, us-east-1c, us-east-1e | Select three of your preferred availability zones. DHS requires at least three availability zones to ensure high availability (HA).
Important: If you use more than three availability zones, download the template and modify the file to add more entries for Private/Public Subnet CIDRs, Route Associations, and so on. Use "Upload a template to Amazon S3" as the option when creating a CloudFormation stack.
VPC CIDR | 10.0.0.0/21 | Range of IPv4 addresses used to set up your client-side VPC. Primary CIDR (Classless Inter-Domain Routing) block for your VPC.
Important: The CIDR block 20.0.0.0/10 is used internally. If your VPC CIDR is within the 20.0.0.0/10 range of IP addresses, your CIDR block size must be between the /20 and /28 subnet masks. The maximum number of IP addresses in a CIDR block is 4,096, including all subnets.
Private and Public Subnet CIDRs | 10.0.0.0/23, 10.0.2.0/23, 10.0.4.0/23, 10.0.6.0/25, 10.0.6.128/25, 10.0.7.0/25 | CIDRs used to allocate IP addresses for each subnet. If you use the customer-example.template to set up a client-side VPC, use the default values.
EC2 Key Name | my-key-pair | Name of the EC2 key pair to enable SSH access to the instance. For details, see Creating a Key Pair.
Key Certificate | my-key-pair.pem | Private key file that is automatically downloaded by your browser after you create an EC2 key pair. For details, see Creating a Key Pair.
Important: You will need the certificate file to configure SSH tunneling.
MarkLogic Service ID | 123456789012 | The ID that identifies you as a MarkLogic Service subscriber.

To find your MarkLogic Service ID in DHS,

VPC ID | vpc-0f23c32843d97f2fb | Your client-side VPC's identifier (vpc-*).

To find your VPC ID in the AWS CloudFormation Console:

  • Navigate to the AWS CloudFormation Console.
  • Select the stack created when you set up a client-side VPC.
  • Select the Resources tab.

To find all of your VPC IDs in AWS:

  • Navigate to AWS.
  • From the top menu, navigate to Services > VPC.
  • In the Resources by Region page, click VPCs.
Public and Private Subnet Route Table IDs | rtb-09cb034df9ee6b0e0 | Your client-side VPC's route tables (rtb-*).

To find your Route Tables in the AWS CloudFormation Console:

  • Navigate to the AWS CloudFormation Console.
  • Select the stack created when you set up a client-side VPC.
  • Select the Outputs tab.

To find all of your Route Tables in AWS:

  • Navigate to AWS.
  • From the top menu, navigate to Services > VPC.
  • In the Resources by Region page, click Route Tables.
Service Private and Public Subnet CIDRs | 10.1.2.0/25, 10.1.3.0/24, 10.1.4.0/25, 10.1.0.0/25, 10.1.1.0/27, 10.1.5.0/24 | The Private and Public Subnet CIDRs from your peered DHS network configuration.

Enter the Public Subnet CIDRs in the Service Public Subnet CIDR fields and the Private Subnet CIDRs in the Service Private Subnet CIDR fields. Enter one CIDR in each field.

After you set up a peered DHS network, the DHS network configuration produces the Private and Public Subnet CIDRs.

Peering Connection ID | pcx-079d5f1a12c607814 | After you set up a peered DHS network, the DHS network configuration produces the Peering Connection ID.
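
A pre-flight check of the CIDR values in this table, added here as an example and not part of the DHS documentation or its templates: it applies the 20.0.0.0/10 mask rule, confirms each client subnet sits inside the VPC CIDR without overlapping another, and flags service subnets that collide with the VPC range. The function name `check_network_plan` and the constant names are hypothetical; the disjoint-ranges check is an assumption based on the AWS requirement that peered VPCs have non-overlapping CIDRs.

```python
import ipaddress
from itertools import combinations

# Range the page says is used internally.
INTERNAL_RANGE = ipaddress.ip_network("20.0.0.0/10")

# Example values copied from the table above.
PAGE_VPC = "10.0.0.0/21"
PAGE_CLIENT_SUBNETS = ["10.0.0.0/23", "10.0.2.0/23", "10.0.4.0/23",
                       "10.0.6.0/25", "10.0.6.128/25", "10.0.7.0/25"]
PAGE_SERVICE_SUBNETS = ["10.1.2.0/25", "10.1.3.0/24", "10.1.4.0/25",
                        "10.1.0.0/25", "10.1.1.0/27", "10.1.5.0/24"]


def check_network_plan(vpc_cidr, client_subnets, service_subnets):
    """Hypothetical helper: return a list of problems (empty means consistent)."""
    # ip_network() is strict: it raises ValueError if host bits are set.
    vpc = ipaddress.ip_network(vpc_cidr)
    clients = [ipaddress.ip_network(c) for c in client_subnets]
    services = [ipaddress.ip_network(c) for c in service_subnets]
    problems = []

    # Page rule: a VPC CIDR inside 20.0.0.0/10 must use a /20 to /28 mask.
    if vpc.subnet_of(INTERNAL_RANGE) and not 20 <= vpc.prefixlen <= 28:
        problems.append(f"{vpc} is inside {INTERNAL_RANGE} but not /20 to /28")

    # Every client subnet must be carved out of the VPC CIDR.
    for net in clients:
        if not net.subnet_of(vpc):
            problems.append(f"client subnet {net} is outside VPC CIDR {vpc}")

    # Client subnets must not overlap one another.
    for a, b in combinations(clients, 2):
        if a.overlaps(b):
            problems.append(f"client subnets {a} and {b} overlap")

    # Assumption: peered ranges must be disjoint, as AWS VPC peering requires.
    for svc in services:
        if svc.overlaps(vpc):
            problems.append(f"service subnet {svc} overlaps VPC CIDR {vpc}")
    return problems


if __name__ == "__main__":
    for line in check_network_plan(PAGE_VPC, PAGE_CLIENT_SUBNETS,
                                   PAGE_SERVICE_SUBNETS) or ["plan is consistent"]:
        print(line)
```

Running the check before creating the CloudFormation stack catches a mistyped subnet or an overlapping range while it is still a one-line fix.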