Networking & Content Delivery

Authorization@Edge using cookies: Protect your Amazon CloudFront content from being downloaded by unauthenticated users

Enterprise customers who host private web apps on Amazon CloudFront may struggle with a challenge: how to prevent unauthenticated users from downloading the web app’s source code (for example, React, Angular, or Vue). In a separate blog post, you can learn one way to provide that security using Amazon Lambda@Edge and Amazon Cognito, with an example […]

Read More

Integrating AWS Transit Gateway with AWS PrivateLink and Amazon Route 53 Resolver

I want to take some time to dive more deeply into a use case outlined in NET301 Best Practices for AWS PrivateLink. The use case involves using AWS Transit Gateway, along with Amazon Route 53 Resolver, to share AWS PrivateLink interface endpoints between multiple connected Amazon virtual private clouds (VPCs) and an on-premises environment. We’ve seen […]

Read More

How Flowplayer Improved Live Video Ingest With AWS Global Accelerator

Flowplayer is an online video platform designed for publishers and the media industry. Founded in 2007, their platform fast became known for being a powerful yet lightweight solution. Rather than concentrating on just a single subset of the market, they have designed their solution to suit small, specialized businesses all the way up to global-scale […]

Read More

TCP BBR Congestion Control with Amazon CloudFront

One of the fundamental value propositions of a content delivery network (CDN) is performance.  Two of the key aspects of great performance are latency and throughput: that is, delivering a large volume of bits quickly and consistently.  These attributes play a critical role in content delivery of all kinds, from video streams to API calls.  […]

Read More

Leveraging external data in Lambda@Edge

Introduction Lambda@Edge is a feature of Amazon CloudFront that allows developers to implement custom logic for manipulating HTTP request/response exchanges or generating responses on the fly with low latency. Lambda@Edge empowers our customers with a full programming language (Node.js) to implement advanced logic. While customers often write stateless logic that is fully contained in Lambda@Edge […]

Read More

Four Steps for Debugging your Content Delivery on AWS

Introduction Werner Vogels, chief technology officer for AWS, has been quoted as saying: “Everything fails all the time.” Well, his quote applies as well to content delivery with Amazon CloudFront and Lambda@Edge. In content delivery, issues might occur in different places, for example: On your origin, when it returns HTTP 5xx errors On CloudFront, when […]

Read More

Centralized DNS management of hybrid cloud with Amazon Route 53 and AWS Transit Gateway

A successful hybrid networking strategy goes beyond private network connectivity. It often requires dealing with independent internal zones both in Amazon Virtual Private Cloud (Amazon VPC) and on-premises. Such a strategy needs Domain Name System (DNS) naming that spans the entire network. Typically, this is managed by providing name resolution services in the same place […]

Read More

Migrate from Transit VPC to AWS Transit Gateway

Amazon Virtual Private Cloud (Amazon VPC) provides you with the ability to create as many virtual networks as you need. It also provides different options for connecting these networks to each other and to non-AWS infrastructure, such as on-premises data centers, remote headquarters, or other offices. Most of you start this journey with a few […]

Read More

Continually Enhancing Domain Security on Amazon CloudFront

Last year, a colleague of mine wrote a blog post about new security measures that Amazon CloudFront was implementing to enhance the security of how domains are used on CloudFront distributions. This included mitigations to prevent the abusive use of domain fronting practices by not allowing SSL handshake requests and subsequent requests over the secured […]

Read More