Networking & Content Delivery
Category: AWS Lambda
Geo-block Content Using Amazon Location and Edge Services
Organizations require methods to restrict access to content to adhere to compliance and regulatory requirements, sanctions, privacy laws, territorial ownership rights, security controls, etc. One way that companies restrict access is by geo-blocking – restricting access to a website or another piece of content based on a user’s location. A popular method of geo-blocking content is […]
Hybrid inspection architectures with AWS Local Zones
Customers often ask about hybrid security inspection architecture patterns for latency-sensitive applications, where they want to run their workloads inside AWS Local Zones and perform security inspection without compromising latency. In this post, we share some hybrid inspection architectures with traffic flows, where both workloads and security inspection appliances run inside of the […]
Automating Domain Delegation for Public Applications in AWS
Security is the top priority at AWS. Cybersecurity and digital risk management are the primary considerations of customers when ensuring that security and trust are always in place for a secure data and cloud infrastructure. These concerns are even more critical for public internet-facing applications, which are accessed using a public domain. In AWS Cloud, […]
Automated VPC prefix list population for cross-Region and in-Region security group referencing
AWS customers regularly use the ability to reference another security group in the same Amazon Virtual Private Cloud (VPC), or a peered VPC in the same Region, as a dynamic reference. This ability allows customers who have highly ephemeral workloads to adopt the practice of least privilege more easily. We do not currently support security […]
Calculating data transfer leveraging Amazon VPC flow logs
There are several factors that contribute to your overall costs in the AWS Cloud. When it comes to networking, many customers ask about data transfer charges. You pay a Data Transfer charge when you send data out from AWS to the Internet, between AWS Regions, or between Availability Zones (AZ). Today, there are multiple ways […]
Enabling granular operational visibility for CloudFront with CloudWatch
Amazon CloudFront is a content delivery network (CDN) that delivers static and dynamic web content using a global network of edge locations. CloudFront integrates natively with Amazon CloudWatch to provide monitoring and observability capabilities. With the introduction of CloudFront real-time logs, it is now possible to create highly granular custom metrics in CloudWatch to view […]
Secure and Cost-Effective Video Streaming using CloudFront signed URLs
Learn how to solve for a common challenge you may face when streaming video on demand (VOD) – limiting access to media streams for select and/or paying users.
Automating connectivity assessments with VPC Reachability Analyzer
If your network architecture is complex, and you’d like to quickly identify application connectivity issues due to infrastructure changes, then the new Amazon Virtual Private Cloud (VPC) Reachability Analyzer can help. Often, it is not clear whether changes to VPC infrastructure are affecting connectivity to applications and other AWS services. By implementing automated […]
Updating AWS Global Accelerator EC2 endpoints automatically based on Auto Scaling group events
AWS Global Accelerator is a network layer service that directs traffic to optimal endpoints over the AWS global network, which improves the availability and performance of your internet applications that are used by a global audience. It provides static IP addresses that act as a fixed entry point to your application endpoints in a single or multiple […]
Performing Route 53 health checks on private resources in a VPC with AWS Lambda and Amazon CloudWatch
If you have ever used Amazon Route 53 health checks to monitor resources, you know that monitored resources must have public IP addresses. This is because Route 53 health checkers are public and they can only monitor hosts with IP addresses that are publicly routable on the internet. You may want to monitor your resources […]