Networking & Content Delivery

Building a global network using AWS Transit Gateway Inter-Region peering

Global companies have historically dedicated considerable financial and engineering resources to building wide-area networks (WANs) so people in different geographies could stay connected and operate as a single entity. Those WANs are typically implemented using Carrier Ethernet (CE) services delivered by leading telecommunications providers, commonly referred to as MPLS services. In recent years, the IT “center […]


60-second update

0:60 | Got a minute? Here’s the latest on AWS networking.
0:57 | New Features: AWS Transit Gateway Network Manager announced route analyzer. This feature verifies your AWS Transit Gateway routing configuration before, and after, you send live traffic. Plus, it helps chase down route-related traffic disruption.
0:46 | More Regions for AWS Transit Gateway: AWS Transit […]


Using the AWS CDK and AWS Transit Gateway Inter-Region peering to build a global network

An Amazon VPC is a logically isolated section of the AWS cloud. Some of our largest enterprise customers have global networks containing VPCs that need to communicate across different AWS Regions, even across different AWS accounts. While this can appear like a cumbersome and complex task, with AWS Transit Gateway Inter-Region peering, it can be […]


Automating DNS infrastructure using Route 53 Resolver endpoints

Introduction: DNS name resolution is a fundamental part of all on-premises and cloud networks. For customers with hybrid networks, additional infrastructure and configuration are needed for private DNS resolution to work seamlessly across environments. However, building this type of DNS infrastructure in a multi-account environment is complex. In this post, we show how to automate […]


Introducing Amazon CloudWatch Metrics for AWS Direct Connect virtual interfaces

AWS Direct Connect (DX) recently launched support for virtual interface (VIF) metrics in Amazon CloudWatch. With this new enhancement, CloudWatch can now track metrics at the DX VIF level and provide greater insight into utilization. You can set up alarms based on metrics and trigger actions to remediate problems. I’ve heard from many customers that […]


Authenticate AWS Client VPN users with SAML

Introduction: Authenticating users to applications and services on the web and at scale can be challenging. Having a separate set of credentials for each application is not an efficient approach. It is difficult to manage for IT departments and doesn’t provide a good experience for users. A common way to solve this challenge is to use […]


Serving SSE-KMS encrypted content from S3 using CloudFront

Introduction: A best practice for your web applications is to use Amazon S3 to store content and Amazon CloudFront to deliver it to users. When building this way, the AWS Well-Architected Framework recommends protecting your data at rest and in transit. Encryption is one of the protection controls AWS provides you to reduce the risks of unauthorized access, loss, […]


Using AWS CloudFormation with AWS Global Accelerator

AWS Global Accelerator is a networking service that helps you achieve lower latency, greater performance, and higher availability for internet traffic between your users’ client devices and your applications running on AWS. By using AWS CloudFormation with Global Accelerator, customers can use the power of infrastructure as code to build Global Accelerator deployments in a safe, secure, and repeatable manner. This blog […]


Scale your Remote Access VPN on AWS

AWS gives you the ability to extend existing on-premises remote access VPN solutions to the cloud. This not only allows access to resources within AWS, but using hybrid connectivity, also to on-premises resources. VPN clients use AWS internet connectivity as an entry point, and the flexibility of Amazon EC2 to scale capacity behind remote access […]


Using VPC Flow Logs to capture and query EKS network communications

Introduction: Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to […]
