Networking & Content Delivery

Category: AWS Lambda

Geo-block Content Using Amazon Location and Edge Services

Organizations require methods to restrict access to content to adhere to compliance and regulatory requirements, sanctions, privacy laws, territorial ownership rights, security controls, etc. One way that companies restrict access is by Geo-blocking – restricting access to a website or another piece of content based on a user’s location. A popular method of geo-blocking content is […]

Hybrid inspection architectures with AWS Local Zone

Hybrid inspection architectures with AWS Local Zones

Customers often ask about hybrid security inspection architecture patterns for latency-sensitive applications, where they want to run their workloads inside of AWS Local Zones, to perform security inspection but without compromising latency. In this post, we share some hybrid inspection architectures with traffic flows, where both workloads and security inspection appliances run inside of the […]

Automating Domain Delegation for Public Applications in AWS

Security is top priority at AWS. Cybersecurity and digital risk management are the primary considerations of customers when ensuring that security and trust are always in place for a secure data and cloud infrastructure. These concerns are even more critical for public internet facing applications, which are accessed using a public domain. In AWS Cloud, […]

Automated VPC prefix list population for cross-Region and in-Region security group referencing

AWS customers regularly use the ability to reference another security group in the same Amazon Virtual Private Cloud (VPC), or a peered VPC in the same Region, as a dynamic reference. This ability allows customers who have highly ephemeral workloads to adopt the practice of least privilege more easily. We do not currently support security […]

Calculating data transfer leveraging Amazon VPC flow logs

Introduction There are several factors that contribute towards your overall costs incurred in AWS cloud. When it comes to networking, many customers ask about data transfer charges. You pay a Data Transfer charge when you send data out from AWS to Internet, between AWS Regions, or between Availability Zones (AZ). Today, there are multiple ways […]

Enabling granular operational visibility for CloudFront with CloudWatch

Amazon CloudFront is a content delivery network (CDN) that delivers static and dynamic web content using a global network of edge locations. CloudFront integrates natively with Amazon CloudWatch to provide monitoring and observability capabilities. With the introduction of CloudFront real-time logs, it is now possible to create highly granular custom metrics in CloudWatch to view […]

Title image for Automating Connectivity assessments with VPC Reachability Analyzer

Automating connectivity assessments with VPC Reachability Analyzer

If your network architecture is complex, and you’d like to quickly identify application connectivity issues due to infrastructure changes, then the new Amazon Virtual Private Cloud (VPC) Reachability Analyzer can help. Often times, it is not always clear if changes to VPC infrastructure are affecting connectivity to applications and other AWS services. By implementing automated […]

Updating AWS Global Accelerator EC2 endpoints automatically based on Auto Scaling group events

AWS Global Accelerator is a network layer service that directs traffic to optimal endpoints over the AWS global network, this improves the availability and performance of your internet applications that are used by a global audience. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple […]

Performing Route 53 health checks on private resources in a VPC with AWS Lambda and Amazon CloudWatch

If you have ever used Amazon Route 53 health checks to monitor resources, you know that monitored resources must have public IP addresses. This is because Route 53 health checkers are public and they can only monitor hosts with IP addresses that are publicly routable on the internet. You may want to monitor your resources […]