Networking & Content Delivery
Category: Advanced (300)
Analyzing stale security group rules using serverless architecture
Security is a top priority for AWS and customers running workloads in AWS. The previous post, Top 10 security items to improve in your AWS account, covered the top security items that AWS customers should pay special attention to if they want to improve their security posture. High on the list is the need to […]
Creating Disaster Recovery Mechanisms Using Amazon Route 53
We’ll start by outlining how AWS services provide reliability using control planes and data planes, then share high-level design principles for creating a failover mechanism. Finally, we’ll explain the features of Route 53 that make your DR approach more effective.
How to optimize content for search engines with AWS WAF Bot Control and Amazon CloudFront
Search engine crawlers – a special bot type used to index your site – are very important visitors. They make sure that your content is searchable by end users. If a crawler can’t easily read your content, then any updates you make might not be immediately reflected in the search results. Depending on the algorithms […]
Providing controlled internet access through centralised proxy servers using AWS Fargate and PrivateLink
In this post we provide a regional solution for controlling outbound internet access to 1000s of Amazon Virtual Private Clouds (VPCs) using AWS Fargate and AWS PrivateLink. It removes the need to manage any proxy servers or to provide Layer 3 connectivity between your VPCs. It also provides an end-to-end deployment pipeline with a simple, […]
Migrating accounts between AWS Organizations from a network perspective
In this post, we’ll discuss the considerations, recommendations, and approach for migrating AWS accounts between AWS Organizations from a networking perspective. We’ll explain the behavior of AWS networking resources when AWS accounts are moved between Organizations. We’ll also analyze the behavior from different viewpoints including service availability, management and governance, as well as commercial and operations. […]
AWS Cloud WAN and AWS Transit Gateway migration and interoperability patterns
At AWS re:Invent 2021, we launched a public preview of AWS Cloud WAN, a managed service for creating a global network using AWS global network infrastructure. Cloud WAN makes it easy to build and operate global wide area networks (WAN) to connect your data centers, branch offices, and Amazon Virtual Private Clouds (VPCs). Cloud […]
How to integrate Linux instances with AWS Gateway Load Balancer
When I meet with customers and discuss AWS Gateway Load Balancer (GWLB), I often get asked for suggestions regarding integrating it with their existing Linux appliances. GWLB utilizes GENEVE encapsulation with some important custom metadata, which doesn’t natively work with either Linux or Linux’s GENEVE module (which is designed only for Ethernet (Layer 2) packets, […]
Running multicast-enabled containers on AWS
Multicast is a popular IP-based communication mechanism that is actively employed in many industry verticals, including finance, media, telco, transportation, and others. This post describes how to enable multicast in container environments orchestrated by Amazon Elastic Container Service (ECS). Although Amazon ECS is a fully managed container orchestration service, some additional steps must be […]
Continuous verification of network compliance using Amazon VPC Network Access Analyzer and AWS Security Hub
As your distributed application teams operate network infrastructure, it can be challenging for central security, networking, or cloud operations teams to determine whether the correct network controls are in place. Network controls, such as firewall rules, NAT Gateways, network access control lists (ACLs), security groups, and network segmentation, serve as a critical first line […]
Calculating data transfer leveraging Amazon VPC flow logs
There are several factors that contribute towards the overall costs you incur in the AWS Cloud. When it comes to networking, many customers ask about data transfer charges. You pay a Data Transfer charge when you send data out from AWS to the internet, between AWS Regions, or between Availability Zones (AZ). Today, there are multiple ways […]