Restricting AWS resources to same AZ connections

Let's suppose I have an ALB and a couple of EC2 instances (in auto scaling) spread over 3 AZs. And I also have a Multi-AZ RDS instance with a few read replicas also spread across the same 3 AZs.

My question now is, how do I prevent my EC2 instances in one AZ from connecting to replicas in a different AZ while still maintaining failover and requiring minimal manual configuration? Assume I have a private Route53 zone that contains CNAME records (simple routing) pointing to my RDS instances, if that makes things easier.

This is primarily to reduce connection latency and save on cost, since AWS does charge for cross-AZ traffic.


Given that each of your AZs has a distinct private IP range, you can create a Security Group, assigned to your services in that AZ, that blocks traffic from the private ranges of your other AZs.
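The per-AZ security-group approach above, worked through as an added example (this is not code from the original post or any AWS sample). It assumes a constructed map of private subnet CIDRs per AZ and an assumed database port of 5432; the rule dicts it builds follow the `IpPermissions` shape that boto3's `authorize_security_group_ingress` accepts, but no API call is made, so it runs offline. It also shows the two checks a practitioner would want alongside the restriction: an audit that flags any ingress CIDR in a DB security group that is not one of that AZ's own subnets (an accidental cross-AZ or whole-VPC allow), and a replica ordering that prefers the same-AZ endpoint but keeps the other AZs as failover candidates, since a security group that admits only one AZ's subnets will also block that AZ's clients from the other replicas when their local one is down.

```python
import ipaddress
from typing import Dict, List, Optional

# Constructed example values (not from the original post): private subnet
# CIDRs per AZ. Each AZ owns distinct ranges, which is what the security-group
# restriction relies on.
AZ_CIDRS: Dict[str, List[str]] = {
    "eu-west-1a": ["10.0.0.0/24", "10.0.10.0/24"],
    "eu-west-1b": ["10.0.1.0/24", "10.0.11.0/24"],
    "eu-west-1c": ["10.0.2.0/24", "10.0.12.0/24"],
}

DB_PORT = 5432  # assumed PostgreSQL-style RDS listener port


def az_for_ip(ip: str, az_cidrs: Dict[str, List[str]] = AZ_CIDRS) -> Optional[str]:
    """Return the AZ whose subnet ranges contain `ip`, or None if it is not in any AZ."""
    addr = ipaddress.ip_address(ip)
    for az, cidrs in az_cidrs.items():
        if any(addr in ipaddress.ip_network(c) for c in cidrs):
            return az
    return None


def same_az_ingress_rules(az: str, port: int = DB_PORT,
                          az_cidrs: Dict[str, List[str]] = AZ_CIDRS) -> List[dict]:
    """Build the IpPermissions list for the DB security group of one AZ.

    Only that AZ's subnets are allowed in on `port`; every other AZ's range is
    denied simply because security groups deny anything not explicitly allowed.
    The dict shape matches boto3's authorize_security_group_ingress(IpPermissions=...),
    but the call itself is deliberately not made here.
    """
    if az not in az_cidrs:
        raise ValueError(f"unknown AZ {az!r}")
    return [{
        "IpProtocol": "tcp",
        "FromPort": port,
        "ToPort": port,
        "IpRanges": [
            {"CidrIp": cidr, "Description": f"{az} app subnets only"}
            for cidr in az_cidrs[az]
        ],
    }]


def cross_az_cidrs(az: str, ingress_rules: List[dict],
                   az_cidrs: Dict[str, List[str]] = AZ_CIDRS) -> List[str]:
    """Audit check: return every ingress CIDR that is not contained in one of
    `az`'s own subnets. A whole-VPC /16 or another AZ's /24 both get flagged,
    because either one re-opens the cross-AZ path the security group was meant to close.
    """
    own = [ipaddress.ip_network(c) for c in az_cidrs[az]]
    offending = []
    for rule in ingress_rules:
        for entry in rule.get("IpRanges", []):
            net = ipaddress.ip_network(entry["CidrIp"])
            if not any(net.subnet_of(o) for o in own):
                offending.append(entry["CidrIp"])
    return offending


def replica_preference(client_ip: str, replicas: Dict[str, str],
                       az_cidrs: Dict[str, List[str]] = AZ_CIDRS) -> List[str]:
    """Order replica names so the same-AZ replica is tried first and the others
    remain as failover candidates. `replicas` maps endpoint name -> private IP.
    """
    client_az = az_for_ip(client_ip, az_cidrs)
    same, other = [], []
    for name, ip in replicas.items():
        (same if az_for_ip(ip, az_cidrs) == client_az else other).append(name)
    return same + other


if __name__ == "__main__":
    # Constructed replica IPs, one per AZ.
    replicas = {"replica-a": "10.0.0.20", "replica-b": "10.0.1.20", "replica-c": "10.0.2.20"}
    print(same_az_ingress_rules("eu-west-1a"))
    print(replica_preference("10.0.1.7", replicas))
    leaky = [{"IpProtocol": "tcp", "FromPort": DB_PORT, "ToPort": DB_PORT,
              "IpRanges": [{"CidrIp": "10.0.0.0/24"}, {"CidrIp": "10.0.0.0/16"}]}]
    print(cross_az_cidrs("eu-west-1a", leaky))
```

Running the audit against the security groups you already have is the quickest way to confirm the restriction actually holds: a single `10.0.0.0/16` entry, which is a common default when a group is first created for "the VPC", silently undoes the per-AZ split.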