Accessing your data from on-premises
FSx for OpenZFS supports the use of Amazon Direct Connect or Amazon VPN to access your file systems from your on-premises compute instances. Using Amazon Direct Connect, you access your file system over a dedicated network connection from your on-premises environment. Using Amazon VPN, you access your file system from your on-premises devices over a secure and private tunnel.
After you connect your on-premises environment to the VPC associated with your Amazon FSx file system, you can access your file system using its DNS name or a DNS alias. You do so just as you do from compute instances within the VPC. For more information about Amazon Direct Connect, see What is Amazon Direct Connect? in the Amazon Direct Connect User Guide. For more information on setting up Amazon VPN connections, see VPN connections in the Amazon VPC User Guide.
Accessing Multi-AZ file systems
Amazon FSx requires that you use Amazon Transit Gateway to access Multi-AZ file systems from an
on-premises network. In order to support failover across AZs for Multi-AZ file
systems, Amazon FSx uses floating IP addresses for the interfaces used for NFS endpoints. Because the NFS endpoints use floating IPs, you must use Amazon Transit Gateway
If you have a Multi-AZ file system with an endpoint IP address range that's outside your VPC's CIDR range, you need to set up additional routing in your Amazon Transit Gateway to access your file system from peered or on-premises networks. For information, see Configuring routing using Amazon Transit Gateway.