Components
An Exchange environment deployed with Launch Wizard will include the following components:
-
A highly available architecture that spans two or three Availability Zones.
-
An Amazon VPC configured with public and private subnets, according to AWS best practices, to provide you with your own virtual network on AWS.
-
In the public subnets:
-
Managed network address translation (NAT) gateways to allow outbound internet access for resources in the private subnets.
-
(Optional) A Remote Desktop Gateway in an Auto Scaling group to allow inbound Remote Desktop Protocol (RDP) access to Amazon EC2 instances in public and private subnets.
-
(Optional) Exchange Edge Transport servers for routing internet email in and out of your environment.
-
-
In the private subnets:
-
Active Directory domain controllers.
-
Windows Server EC2 instances functioning as Exchange nodes.
-
By default, Launch Wizard deploys Exchange using two Availability Zones. You can also choose to use
three Availability Zones which enable automatic failover of database availability groups
You can choose to use an internal Application Load Balancer as part of the deployment to provide high availability and distribute traffic to the Exchange nodes. In this configuration, you need to import a Secure Sockets Layer (SSL) certificate into AWS Certificate Manager before deploying Exchange with Launch Wizard.
AWS Secrets Manager is used to securely store the Exchange administrative account credentials. SSM Parameter Store is used to retrieve the credentials when necessary.
You can build your Exchange environment with two Availability Zones as shown in the following diagram.
You can also build your Exchange environment with three Availability Zones to provide automatic failover of the DAGs as shown in the following diagram.
