AWS Architecture Blog

Category: AWS Transit Gateway

Multi-Region security, identity, and compliance services

Creating a Multi-Region Application with AWS Services – Part 1, Compute, Networking, and Security

Many AWS services have features to help you build and manage a multi-Region architecture, but identifying those capabilities across 200+ services can be overwhelming. In this 3-part blog series, we filter through those 200+ services and focus on those that have specific features to assist you in building multi-Region applications. In Part 1, we’ll build […]

Read More
Figure 2. Architecture pattern (high-level layout)

Use a City Planning Analogy to Visualize and Create your Cloud Architecture

If you are new to creating cloud architectures, you might find it a daunting undertaking. However, there is an approach that can help you define a cloud architecture pattern by using a similar construct. In this blog post, I will show you how to envision your cloud architecture using this structured and simplified approach. Such […]

Read More
Figure 5. Connectivity examples for AWS networking and content delivery services

Augmenting VMware Cloud on AWS Workloads with Native AWS services

VMware Cloud on AWS allows you to quickly migrate VMware workloads to a VMware-managed Software-Defined Data Center (SDDC) running in the AWS Cloud and extend your on-premises data centers without replatforming or refactoring applications. You can use native AWS services with Virtual Machines (VMs) in the SDDC, to reduce operational overhead and lower your Total […]

Read More

Overview of Data Transfer Costs for Common Architectures

Data transfer charges are often overlooked while architecting a solution in AWS. Considering data transfer charges while making architectural decisions can help save costs. This blog post will help identify potential data transfer charges you may encounter while operating your workload on AWS. Service charges are out of scope for this blog, but should be […]

Read More
Figure 1. Centralized inspection architecture with AWS Network Firewall and imported rules

Integrate AWS Network Firewall with your ISV Firewall Rulesets

You may have requirements to leverage on-premises firewall technology in AWS by using your existing firewall implementation. As you move these workloads to AWS or launch new ones, you may replicate your existing on-premises firewall architecture. In this case, you can run partner appliances such as Palo Alto and Fortinet firewall appliances on Amazon EC2 […]

Read More
Solution Architecture illustrating the Multi-Region architecture connected via Transit Gateway

Field Notes: Designing Multi-Region AWS Managed Microsoft Active Directory for Hybrid Environments

Previously, customers with large and complex Microsoft Active Directory deployments across geographies faced challenges when migrating their on-premises Active Directory to AWS. Integrating with AWS Managed Microsoft Active Directory also proved difficult. The AWS Managed Microsoft Active Directory Multi-Region feature that was released last year simplifies global deployment for these customers and mitigates their migration […]

Read More
Decision tree applied to Example Corp. Automotive use case

New Whitepaper: Selecting & Designing Your Hybrid Connectivity Model

Introduction Many organizations need to connect their on-premises data centers, remote sites, and the cloud. A hybrid network connects these different environments. A modern organization uses an extensive array of IT resources. In the past, it was common to host these resources in an on-premises data center or a colocation facility. With the increased adoption […]

Read More
How different AWS accounts are connected via AWS Transit Gateway

Field Notes: Working with Route Tables in AWS Transit Gateway

An AWS Transit Gateway enables you to attach Amazon VPCs, AWS S2S VPN and AWS Direct Connect connections in the same Region, and route traffic between them. Transit Gateways are designed to be highly scalable and resilient. You can attach up to 5000 VPCs to each gateway and each attachment can handle up to 50 […]

Read More
Optimizing application performance with Accelerated VPN connections

Improve VPN Network Performance of AWS Hybrid Cloud with Global Accelerator

Introduction Connecting on-premises data centers to AWS using AWS Site-to-Site VPN to support distributed applications is a common practice. With business expansion and acquisitions, your company’s on-premises IT footprint may grow into various geographies, with these multiple sites comprising of on-premises data centers and co-location facilities. AWS Site-to-Site VPN supports throughput up to 1.25 Gbps, […]

Read More
Global WAN

Leveraging AWS Global Backbone for Data Center Migration and Global Expansion

Many companies run their applications in data centers, server rooms or in space rented from colocation providers in multiple countries. Those companies usually have a mixture of a small number of central large data centers where their core systems are hosted in several smaller, regional data centers. These offices in the multiple countries require access […]

Read More