AWS connecting between instances within availability zone

amazon-ec2 amazon-web-services

Few questions:

  1. Are us-east-1a, us-east-1b, and us-east-1d considered one or three availability zones?

  2. Say I have two instances within us-east-1a, one has a mongodb server, the other has a nodejs app. Do I need to add permissions for port 27017 (mongodb) to the security group for the app server to connect to the mongo server?

  3. Same question as above, but say one server is in us-east-1a and the other is in us-east-1b. Do I need to modify the security group?

  4. Would the VPC or Subnet ID have any effects on communication between instances?

Best Answer

Are us-east-1a, us-east-1b, and us-east-1d considered one or three availability zones?

Three AZs within one region.

Say I have two instances within us-east-1a, one has a mongodb server, the other has a nodejs app. Do I need to add permissions for port 27017 (mongodb) to the security group for the app server to connect to the mongo server?

Yes. All traffic must be permitted by security group policy.

Same question as above, but say one server is in us-east-1a and the other is in us-east-1b. Do I need to modify the security group?

Security groups are not concerned with availability zones, only IP addresses and/or security group IDs.

Would the VPC or Subnet ID have any effects on communication between instances?

This is a very broad question, and depends greatly on how you have your security groups and network ACLs configured. The easiest way to sort this out is just to mock up your design using an actual VPC and actual instances. It shouldn't cost you more than a dollar or so to do this using micro instances.
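A small model of the rule matching described in the answer above, as an added example that is not part of the original answer: an inbound rule matches on source IP range or source security group ID, and the availability zone is never consulted. The group IDs, addresses and instance names are constructed placeholders, and the model covers inbound TCP rules on a single port only.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    port: int
    cidr: Optional[str] = None       # source given as an IP range
    source_sg: Optional[str] = None  # source given as a security group ID

@dataclass(frozen=True)
class Instance:
    name: str
    az: str            # recorded, but never consulted by the rule check
    private_ip: str
    sgs: frozenset

def ingress_allowed(src, dst, port, sg_rules):
    """True if any inbound rule on any of dst's groups permits src on port."""
    src_ip = ipaddress.ip_address(src.private_ip)
    for sg in dst.sgs:
        for rule in sg_rules.get(sg, []):
            if rule.port != port:
                continue
            if rule.source_sg is not None and rule.source_sg in src.sgs:
                return True
            if rule.cidr is not None and src_ip in ipaddress.ip_network(rule.cidr):
                return True
    return False  # nothing matched: security groups deny by default

# Constructed sample data (placeholder IDs and addresses).
APP_SG, DB_SG = "sg-app-example", "sg-db-example"
app_1a = Instance("app-1a", "us-east-1a", "10.0.1.10", frozenset({APP_SG}))
app_1b = Instance("app-1b", "us-east-1b", "10.0.2.10", frozenset({APP_SG}))
mongo = Instance("mongo", "us-east-1a", "10.0.1.20", frozenset({DB_SG}))

NO_RULES = {DB_SG: []}
BY_SG = {DB_SG: [Rule(27017, source_sg=APP_SG)]}
BY_CIDR = {DB_SG: [Rule(27017, cidr="10.0.1.0/24")]}

if __name__ == "__main__":
    for label, rules in [("no rule", NO_RULES), ("by SG ID", BY_SG), ("by CIDR", BY_CIDR)]:
        for app in (app_1a, app_1b):
            ok = ingress_allowed(app, mongo, 27017, rules)
            print(f"{label:9} {app.name} ({app.az}) -> mongo:27017 allowed={ok}")
```

With the CIDR rule, the app server in us-east-1b is refused because its address falls outside 10.0.1.0/24, not because of its zone; referencing the app tier's security group ID keeps the rule narrow without tying it to subnet addressing.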
