SQL Server with WSFC on AWS
Quick Start Reference Deployment Guide


AWS provides a set of building blocks (e.g., Amazon EC2 and Amazon VPC) that customers can use to provision infrastructure for their applications. In this model, some security capabilities, such as physical security, are the responsibility of AWS and are highlighted in the AWS security whitepaper. Other areas, such as controlling access to applications, fall on the application developer and the tools provided in the Microsoft platform.

This Quick Start configures the following security groups for SQL Server:

Security Group Associated with Inbound Interface Port(s)
WSFCSecurityGroup WSFCNode1, WSFCNode2, WSFCNode3, WSFCFileServer WSFCSecurityGroup ICMP-1, TCP135, TCP137, UDP137, TCP445, TCP1433, TCP1434, UDP1434, TCP3343, UDP3343, TCP5022, TCP5985
WSFCClientSecurityGroup WSFCNode1, WSFCNode2, WSFCNode3, WSFCFileServer SQLServerAccessSecurityGroup TCP1433
SQLServerAccessSecurityGroup Add instances that require access to SQL to this security group