Exchange Server on AWS
Quick Start Reference Deployment Guide

Quick Start Architecture Overview

This Quick Start lets you launch an Exchange Server 2013 infrastructure on AWS. The default configuration deploys the minimal amount of infrastructure needed to provide Microsoft Exchange Server high availability for a small deployment that supports 250 mailboxes. The core AWS components used by this Quick Start include the following AWS services:

  • Amazon VPC – The Amazon Virtual Private Cloud (Amazon VPC) service lets you provision a private, isolated section of the AWS cloud where you can launch AWS services and other resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways.

  • Amazon EC2 – The Amazon Elastic Compute Cloud (Amazon EC2) service allows you to launch virtual machine instances with a variety of operating systems. You can choose from existing Amazon Machine Images (AMIs) or import your own virtual machine images.

  • Amazon EBS – Amazon Elastic Block Store (Amazon EBS) provides persistent block-level storage volumes for use with Amazon EC2 instances on the AWS cloud. Each Amazon EBS volume is automatically replicated within its Availability Zone to protect you from component failure, offering high availability and durability. Amazon EBS volumes provide the consistent and low-latency performance needed to run your workloads.

  • Amazon Route 53 (optional) – The Amazon Route 53 service lets you configure Domain Name System (DNS) failover in active-active, active-passive, and mixed configurations to improve the availability of your application. When you have more than one resource—for example, more than one Exchange Server—performing the same function, you can configure Amazon Route 53 to check the health of your resources and respond to DNS queries using only the healthy resources. This Quick Start deploys all the resources shown in Figure 1. You can configure the Amazon Route 53 service manually after you launch the AWS CloudFormation stack.

To deploy a Windows-based environment on the AWS cloud, this Quick Start uses an architecture that supports the following best practices:

  • Critical workloads are placed in a minimum of two Availability Zones to provide high availability. In this case, the critical workloads are Active Directory domain controllers, Exchange servers, Remote Desktop (RD) gateways for remote administration over the Internet (if needed), Exchange Edge Transport servers, and network address translation (NAT) gateways for outbound Internet access.

  • Internal application servers and other non-Internet facing servers are placed in private subnets to prevent direct access to these instances from the Internet. In this Quick Start, domain controllers and multi-role Exchange servers are placed into a private Amazon VPC subnet in each Availability Zone.

  • RD gateways are deployed into public subnets in each Availability Zone for remote administration over the Internet. Other components, such as reverse proxy servers, can also be placed into these public subnets if needed. This Quick Start allows you to optionally deploy the Exchange Edge Transport role (an SMTP gateway) into the public subnets for routing Internet email in and out of your environment.
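
The placement practices above can be checked mechanically against an inventory of subnets and instances. The following Python sketch is an added example, not part of the Quick Start or its AWS CloudFormation templates; the subnet names, instance names, role labels and route targets are constructed sample data, and it assumes a subnet counts as public when its route table sends 0.0.0.0/0 to an Internet gateway.

```python
# Added example: audit an inventory against the placement practices above.
# Every name, ID and Availability Zone label below is constructed sample data.
from collections import defaultdict

PRIVATE_ROLES = {"domain-controller", "exchange"}  # no direct Internet access
PUBLIC_ROLES = {"rd-gateway", "edge-transport"}    # reachable from the Internet

def is_public(subnet):
    """Assumption: public means a default route that targets an Internet gateway."""
    return any(r["dest"] == "0.0.0.0/0" and r["target"].startswith("igw-")
               for r in subnet["routes"])

def audit(subnets, instances):
    """Return sorted findings; an empty list means the layout conforms."""
    findings = []
    azs_by_role = defaultdict(set)
    for inst in instances:
        subnet = subnets[inst["subnet"]]
        azs_by_role[inst["role"]].add(subnet["az"])
        public = is_public(subnet)
        if inst["role"] in PRIVATE_ROLES and public:
            findings.append(f"{inst['name']}: {inst['role']} in public subnet {inst['subnet']}")
        elif inst["role"] in PUBLIC_ROLES and not public:
            findings.append(f"{inst['name']}: {inst['role']} in private subnet {inst['subnet']}")
    for role, azs in azs_by_role.items():
        if len(azs) < 2:  # critical workloads must span at least two AZs
            findings.append(f"{role}: only in {len(azs)} Availability Zone(s)")
    return sorted(findings)

def _subnet(az, target):
    return {"az": az, "routes": [{"dest": "0.0.0.0/0", "target": target}]}

SAMPLE_SUBNETS = {  # constructed: private subnets reach the Internet only via NAT
    "public-az1": _subnet("az1", "igw-example"),
    "public-az2": _subnet("az2", "igw-example"),
    "private-az1": _subnet("az1", "nat-example-1"),
    "private-az2": _subnet("az2", "nat-example-2"),
}
SAMPLE_INSTANCES = [  # constructed: one instance per role in each AZ
    {"name": "DC1", "role": "domain-controller", "subnet": "private-az1"},
    {"name": "DC2", "role": "domain-controller", "subnet": "private-az2"},
    {"name": "EXCH1", "role": "exchange", "subnet": "private-az1"},
    {"name": "EXCH2", "role": "exchange", "subnet": "private-az2"},
    {"name": "RDGW1", "role": "rd-gateway", "subnet": "public-az1"},
    {"name": "RDGW2", "role": "rd-gateway", "subnet": "public-az2"},
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_SUBNETS, SAMPLE_INSTANCES) or ["layout conforms"]:
        print(finding)
```

Moving a single Exchange server into a public subnet in the other server's Availability Zone produces two findings: the exposure itself and the loss of the second Availability Zone.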