Networking & Content Delivery

Restricting access on HTTP API Gateway Endpoint with Lambda Authorizer

Customers use Amazon API Gateway APIs for critical production applications ranging from simple HTTP proxies to full-blown API management with request transformation, authentication, and validation. Starting in 2019, HTTP APIs have provided an enhanced alternative to the traditional API Gateway REST APIs, with HTTP APIs offering up to 60% latency reduction, 71% cost reduction, and […]

Read More

Well-Architecting online applications with CloudFront and AWS Global Accelerator

Introduction Worldwide, millions of customers are actively using AWS to build applications for every imaginable use case, with a variety of regions in which they can deploy infrastructure. An AWS Region is a physical location where AWS clusters data centers and operates regional services, like AWS Elastic Compute Cloud (EC2) and Amazon Simple Storage Service […]

Read More

AWS Cloud WAN and Amazon VPC IPAM with AWS Control Tower

AWS Control Tower offers a straightforward way to set up and govern a multi-account AWS environment, following prescriptive best practices to build a secure landing zone quickly. You can provision tens, if not hundreds, of new AWS accounts at one time using AWS Control Tower. Once you provision accounts, you typically require the deployment of Amazon […]

Read More

IP Address Management for AWS Control Tower

For many customers, governing and auditing IP address allocation for at-scale networks is a complex, time-consuming, and potentially error-prone task. This is because application workloads are rapidly migrating to the cloud. Traditionally, network administrators have resorted to using combinations of spreadsheets, home-grown tools, and scripts to track address assignments across multiple accounts, Amazon Virtual Private […]

Read More

Migrating accounts between AWS Organizations from a network perspective

In this post, we’ll discuss the considerations, recommendations, and approach for migrating AWS accounts between AWS Organizations from a networking perspective. We’ll explain the behavior of AWS networking resources when AWS accounts are moved between Organizations. We’ll also analyze the behavior from different viewpoints including service availability, management and governance, as well as commercial and operations. […]

Read More

NetDevOps: A modern approach to AWS networking deployments

Networks have grown larger and more complex with time, but they continue to be the foundation upon which applications and services run. This critical component has demanding requirements to keep up with a high velocity application development world. How can you enable your network to deliver these requirements with confidence? By adopting NetDevOps practices. This […]

Read More

Automating Domain Delegation for Public Applications in AWS

Security is top priority at AWS. Cybersecurity and digital risk management are the primary considerations of customers when ensuring that security and trust are always in place for a secure data and cloud infrastructure. These concerns are even more critical for public internet facing applications, which are accessed using a public domain. In AWS Cloud, […]

Read More

Using Amazon CloudFront and Amazon S3 to build multi-Region active-active geo proximity applications

In today’s digital-first business environment with a globally distributed customer base, it becomes important to adopt an architecture that helps customers deliver digital assets to end-users with the lowest possible latency based on the geo-proximity of assets to the end user. Companies with digital assets stored in Amazon Simple Storage Service (Amazon S3) commonly configure the traffic to be […]

Read More

Introducing VPC Flow Logs for AWS Transit Gateway

Since the launch of Amazon Virtual Private Cloud (Amazon VPC) Flow Logs in 2015, customers have utilized VPC Flow Logs to gain better visibility of network traffic patterns on AWS by providing network telemetry data regarding the IP traffic flowing to and from ENIs within a given VPC. As customers’ networks grew, customers began utilizing […]

Read More

AWS Cloud WAN and AWS Transit Gateway migration and interoperability patterns

Introduction At AWS re:Invent 2021, we launched a public preview of AWS Cloud WAN, a managed service for creating a global network using AWS global network infrastructure. Cloud WAN makes it easy to build and operate global wide area networks (WAN) to connect your data centers, branch offices, and Amazon Virtual Private Clouds (VPCs). Cloud […]

Read More