DataCenters
An AWS region e.g. us-east-1 has physical data centers where the actual infrastructure lives, e.g. us-east-1a, us-east-1b, etc.
But there's something you may not have known:
Availability Zones (AZs) in an AWS account may not always refer to the same data center(s) in a different AWS account.
In other words, for a region us-east-1, the AZ us-east-1a in one person's account (Account A) may not be in the same data center as the AZ us-east-1a in another person's account (Account B).
To ensure that resources provisioned in different AWS Accounts are placed in the same physical location, using the AZ name is not a reliable option.
Why Should You Care?
Latency: In a multi-account environment, where you have different AWS accounts for different purposes, you may require a service in one account to connect with another service in a different account. By placing those services in the same physical data center, the number of hops is reduced.
Compliance: In other to comply with company or national policies, some services may be required to stay in a particular location. Placing those services in the same region is a great way to ensure compliance, and you can go further to ensure that they are in the same physical data center.
If you care, then there is a solution -- Zone IDs!
Availability Zone ID
An Availability Zone ID is an ID that is consistent across all AWS accounts. An AZ Zone ID in Account A is the same physical data center for the same Zone ID in Account B.
- AZ Zone Name is not necessarily the same physical location in different AWS Accounts
- AZ Zone ID is the same physical location in different AWS Accounts
To get the availability zone ID, you can use the following command:
aws ec2 describe-availability-zones --region us-east-1
You can now proceed to use the Zone ID reliably.
Cheers!
If you liked this, let me know by reacting to this post or leaving a comment.
You can also Follow me on:
- X/Twitter: https://x.com/ileriayooo
- LinkedIn: https://linkedin.com/in/ileriayoadebiyi