Throughout this page, the following metavariables are used:
- SystemName is the Datomic system name.
- Region is the AWS region in which the Datomic system is running.
The Storage CloudFormation stack creates a Virtual Private Cloud (VPC), named datomic-$(SystemName), in which to run the Datomic system. Inside this VPC, the stack also creates an applications security group named $(SystemName)-apps that you can use for client applications running in the Datomic system VPC. The security group that the Datomic system instances run in allows access from the applications security group.
If you run your applications in a different VPC than the one the Datomic system stack created, you must create a VPC Peering Connection between your VPC and the VPC the Datomic system stack creates.
See the AWS documentation for:
- Creating and Accepting a VPC Peering Connection
- Updating the Route Tables
- Associating a VPC with a Private Hosted Zone
If you want to allow applications in your existing VPC to refer to the Datomic system entry point using its DNS name, you must follow the last step above, "Associating a VPC with a Private Hosted Zone."
In this step, associate your existing VPC with the Datomic system Route 53 Hosted Zone, named
This allows the Datomic system VPC to handle private DNS resolution of the datomic.net domain for your VPC.
Note: If your application does not run in the provided datomic-$(SystemName)-apps security group, you must configure the datomic-$(SystemName)-entry security group to allow ingress from your application's security group.
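The requirements above (an active peering connection, routes in both VPCs, the hosted zone association, and entry security group ingress) can be checked from saved AWS CLI output. This is an added example, not part of the Datomic documentation; it assumes the parsed JSON of `aws ec2 describe-vpc-peering-connections`, `aws ec2 describe-route-tables`, `aws route53 get-hosted-zone` and `aws ec2 describe-security-groups`, and the function names, IDs and CIDRs in it are constructed.

```python
import ipaddress

def has_route(route_tables, vpc_id, dest_cidr, pcx_id):
    """True if vpc_id has an active route covering dest_cidr via pcx_id (blackhole routes do not count)."""
    dest = ipaddress.ip_network(dest_cidr)
    for table in route_tables["RouteTables"]:
        for r in (table["Routes"] if table["VpcId"] == vpc_id else []):
            if (r.get("VpcPeeringConnectionId") == pcx_id and r.get("State") == "active"
                    and "DestinationCidrBlock" in r
                    and dest.subnet_of(ipaddress.ip_network(r["DestinationCidrBlock"]))):
                return True
    return False

def audit(cfg, peerings, route_tables, hosted_zone, security_groups):
    """Return a list of findings; an empty list means every check passed."""
    findings, pcx_id = [], None
    for p in peerings["VpcPeeringConnections"]:  # either VPC may be the requester
        ends = {p["RequesterVpcInfo"]["VpcId"], p["AccepterVpcInfo"]["VpcId"]}
        if ends == {cfg["app_vpc"], cfg["datomic_vpc"]} and p["Status"]["Code"] == "active":
            pcx_id = p["VpcPeeringConnectionId"]
    if pcx_id is None:
        findings.append("no active peering connection between the two VPCs")
    for vpc, cidr in ((cfg["app_vpc"], cfg["datomic_cidr"]), (cfg["datomic_vpc"], cfg["app_cidr"])):
        if pcx_id and not has_route(route_tables, vpc, cidr, pcx_id):  # traffic must route both ways
            findings.append(f"no active route in {vpc} to {cidr} via {pcx_id}")
    if cfg["app_vpc"] not in {v["VPCId"] for v in hosted_zone.get("VPCs", [])}:
        findings.append(f"{cfg['app_vpc']} is not associated with the private hosted zone")
    allowed = {pair["GroupId"] for sg in security_groups["SecurityGroups"]
               if sg["GroupId"] == cfg["entry_sg"]
               for perm in sg["IpPermissions"] for pair in perm.get("UserIdGroupPairs", [])}
    if cfg["app_sg"] not in allowed:
        findings.append("entry security group does not allow ingress from the application security group")
    return findings

# Constructed sample data (made-up IDs and CIDRs), trimmed to the fields read above.
CFG = {"app_vpc": "vpc-app", "datomic_vpc": "vpc-datomic", "app_cidr": "10.20.0.0/16",
       "datomic_cidr": "10.213.0.0/16", "app_sg": "sg-app", "entry_sg": "sg-entry"}
PEERINGS = {"VpcPeeringConnections": [{"VpcPeeringConnectionId": "pcx-1", "Status": {"Code": "active"},
    "RequesterVpcInfo": {"VpcId": "vpc-app"}, "AccepterVpcInfo": {"VpcId": "vpc-datomic"}}]}
ROUTES = {"RouteTables": [  # the Datomic-side route is stale: it points at a deleted peering
    {"VpcId": "vpc-app", "Routes": [{"DestinationCidrBlock": "10.213.0.0/16",
        "VpcPeeringConnectionId": "pcx-1", "State": "active"}]},
    {"VpcId": "vpc-datomic", "Routes": [{"DestinationCidrBlock": "10.20.0.0/16",
        "VpcPeeringConnectionId": "pcx-0", "State": "blackhole"}]}]}
ZONE = {"VPCs": [{"VPCRegion": "us-east-1", "VPCId": "vpc-datomic"}]}
GROUPS = {"SecurityGroups": [{"GroupId": "sg-entry",
    "IpPermissions": [{"UserIdGroupPairs": [{"GroupId": "sg-app"}]}]}]}
print(audit(CFG, PEERINGS, ROUTES, ZONE, GROUPS))
```

On the sample data it reports the stale return route and the missing hosted zone association; the peering and security group checks pass.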