Networking & Content Delivery

Implementing dynamic origin modification in Amazon CloudFront – Part 2

In part one of this post, we introduced two methods, Amazon CloudFront Functions and Lambda@Edge, for executing custom code at CloudFront edge locations to modify request origins dynamically. This second post provides step-by-step setup instructions and code samples for implementing the two approaches for a subscription-based routing use case: CloudFront Functions with query string parameters […]

Understanding dynamic origin modification in Amazon CloudFront – Part 1

In the modern digital landscape, our lives are inescapably dominated by screens and browsers. From global product launches to flash sales and virtual concerts, events that once drew crowds to physical venues now drive millions of users to digital platforms simultaneously. The rapid rise of digital-first experiences has made the need to dynamically adjust content […]

Optimizing application performance: The strategic benefits of combining Amazon CloudFront with Application Load Balancers

As organizations scale globally, balancing user experience with operational costs becomes increasingly complex. Integrating Amazon CloudFront with Application Load Balancer (ALB) addresses this challenge by reducing latency by serving content from over 750 edge locations worldwide and maintaining persistent TCP connections between CloudFront and ALB origins while reducing Data Transfer Out (DTO) expenses through the […]

Amazon CloudFront now supports mTLS authentication to origins

Starting today, Amazon CloudFront extends its mutual TLS (mTLS) capabilities to customer origins, which enables true end-to-end authentication throughout the entire connection path—from the viewers to the customer origins. CloudFront has supported viewer mTLS between viewers and CloudFront, so that customers can strongly authenticate clients before traffic ever enters their perimeter. With this launch, that […]

Streamline AWS Client VPN usage reporting with Amazon CloudWatch Logs Insights queries

AWS Client VPN is a managed client-based VPN service that enables you to securely access your Amazon Web Services (AWS) resources and resources in your on-premises network. Amazon CloudWatch Logs Insights allows you to interactively search and analyze your log data in Amazon CloudWatch Logs. You can perform queries to help you more efficiently and […]

Building Zero Trust Access Across Multi-Account AWS Environments

Security teams managing multi-account Amazon Web Services (AWS) environments face significant operational challenges when implementing consistent access controls. Traditional approaches necessitate duplicating VPN infrastructure, managing separate bastion hosts in each account, and maintaining fragmented security policies across multiple applications. This operational overhead increases infrastructure costs and attack surfaces. This post walks you through implementing AWS […]

Modernizing financial networks: Huatai Securities’ multicast implementation on AWS

Note: This post is published in collaboration with Zhonghai Hu, Senior Architect at Huatai Securities, and Ricky Chu, Infrastructure Project Manager at Huatai Financial Holdings (Hong Kong). Huatai Securities Co., Ltd., a technology-driven securities group founded in 1991, is committed to transforming China’s securities industry through […]

Automate prefix lists with Amazon VPC IP Address Manager (IPAM)

In this post, we examine the ability of Amazon VPC IP Address Manager (IPAM) to automate prefix list updates with prefix list resolver. This new feature uses the IPAM database to generate groups of IP addresses based on connectivity requirements and automates connectivity configurations by propagating IP addresses to Amazon Web Services (AWS) resources, such […]

Building Intelligent Network Operations Agent with Amazon Bedrock AgentCore

It’s 2 AM when your phone alerts you to failing customer transactions in the North Virginia Region. As a network operator managing an Imaging platform on Amazon Web Services (AWS), you’re faced with troubleshooting an architecture that spans multiple Amazon Virtual Private Cloud (Amazon VPC), uses AWS Transit Gateway for interconnectivity, and runs many microservices. […]

Implementing consistent DNS Query Logging with Amazon Route 53 Profiles

Managing DNS query logging across multiple Amazon Virtual Private Clouds (VPCs) has long been a significant challenge for enterprise teams. The traditional approach required manual configuration of DNS query logging for each VPC individually, creating a cascade of operational problems. This fragmented process led to inconsistent implementation across different environments, compliance gaps due to missed […]