Category: Compute

In this blog post, we discuss how to connect on-premises and external services to Amazon VPC Lattice. We will go over architectural considerations and requirements for connecting services from trusted locations (on-premises), non-trusted locations (3rd party), and across AWS Regions. Then, we provide a solution that builds out a capability to facilitate this using AWS […]

NetDevOps orchestrates and automates network changes to shorten the network delivery lifecycle, treats the network as code to allow for version control, and tests changes to make sure of quality and stability. This increased speed helps organizations better serve their customers and compete more effectively in the market. The post NetDevOps: A modern approach to AWS […]

Customers frequently use Elastic Load Balancing (ELB) load balancers and Amazon EC2 Auto Scaling groups (ASG) to build scalable, resilient workloads. When configured correctly, Amazon ELB health checks help make your workload more resilient to failures in your workload components behind the load balancer. However, you may need to make tradeoffs for handling different failure […]

Organizations today use many ways to drive traffic to their websites and applications. This is important for new feature launches, marketing campaigns, advertising, and so on. One common approach uses HTTP/S redirects, where you send a user from one domain, or Uniform Resource Locator (URL), to another. Redirects are incredibly useful tools when moving websites, […]

Organizations require methods to restrict access to content to adhere to compliance and regulatory requirements, sanctions, privacy laws, territorial ownership rights, security controls, etc. One way that companies restrict access is by Geo-blocking – restricting access to a website or another piece of content based on a user’s location. A popular method of geo-blocking content is […]

Customers often ask about hybrid security inspection architecture patterns for latency-sensitive applications, where they want to run their workloads inside of AWS Local Zones, to perform security inspection but without compromising latency. In this post, we share some hybrid inspection architectures with traffic flows, where both workloads and security inspection appliances run inside of the […]

In 2020, Amazon Elastic Compute Cloud (Amazon EC2) announced new network performance metrics for EC2 instances made available using ENA driver and Amazon CloudWatch agent. We covered the launch in this post. These network performance metrics give customers visibility into the number of packets queued or dropped when an instance’s networking allowances, such as Network […]

Many network appliances define idle connection timeout to terminate connections after an inactivity period. For example, appliances like NAT Gateway, Amazon Virtual Private Cloud (Amazon VPC) Endpoints, and Network Load Balancer (NLB) currently have a fixed idle timeout of 350 seconds. Packets sent after the idle timeout expired aren’t delivered to the destination. Some applications or […]

In this post we provide a regional solution for controlling outbound internet access to 1000s of Amazon Virtual Private Clouds (VPCs) using AWS Fargate and AWS PrivateLink. It removes the need to manage any proxy servers or to provide Layer 3 connectivity between your VPCs. It also provides an end-to-end deployment pipeline with a simple, […]

For many customers, governing and auditing IP address allocation for at-scale networks is a complex, time-consuming, and potentially error-prone task. This is because application workloads are rapidly migrating to the cloud. Traditionally, network administrators have resorted to using combinations of spreadsheets, home-grown tools, and scripts to track address assignments across multiple accounts, Amazon Virtual Private […]