Networking & Content Delivery

Category: Amazon VPC

Using the AWS CDK and AWS Transit Gateway Inter-Region peering to build a global network

An Amazon VPC is a logically isolated section of the AWS cloud. Some of our largest enterprise customers have global networks containing VPCs that need to communicate across different AWS Regions, even across different AWS accounts. While this can appear like a cumbersome and complex task, with AWS Transit Gateway Inter-Region peering, it can be […]

Read More

Automating DNS infrastructure using Route 53 Resolver endpoints

Introduction DNS name resolution is a fundamental part of all on-premises and cloud networks. For customers with hybrid networks, additional infrastructure and configuration are needed for private DNS resolution to work seamlessly across environments. However, building this type of DNS infrastructure in a multi-account environment is complex. In this post, we show how to automate […]

Read More
Scale your Remote VPN on AWS

Scale your Remote Access VPN on AWS

AWS gives you the ability to extend existing on-premises remote access VPN solutions to the cloud. This not only allows access to resources within AWS, but using hybrid connectivity, also to on-premises resources. VPN clients use AWS internet connectivity as an entry point, and the flexibility of Amazon EC2 to scale capacity behind remote access […]

Read More

Using VPC Flow Logs to capture and query EKS network communications

Introduction Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident-response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to […]

Read More

Securing VPCs Egress using IDS/IPS leveraging Transit Gateway

In a typical enterprise network, customers have VPCs across multiple accounts within an AWS Region to segment workloads. This segmentation can take different forms and depends on the company structure, security policy, business functions, and model. The drivers of the segmentation can vary. For example, segmentation could be driven by security and regulatory requirements, costs, […]

Read More

How to integrate third-party firewall appliances into an AWS environment

Many customers have requirements to leverage existing on-premises firewall technology or want to get started in AWS by using their existing firewall expertise. A large number of firewall vendors have versions of their software in the AWS Marketplace that work in either bring-your-own-license (BYOL) or pay-as-you-go pricing models. This makes it easy to get up and running […]

Read More
Network Architecture that shows Direct Connect Gateway attached to private virtual interface, and associated to virtual private gateway in two region.

Setting up AWS Direct Connect gateway to route DX traffic to any AWS Region

Direct Connect Senior Product Managers Madhura Kale and Erik Klavon contributed to this post. AWS Direct Connect (DX) has been a popular method for businesses to connect to AWS services, giving users a secure and reliable connection to an AWS Region. There are more than 100 DX locations available globally across major cities. However, you […]

Read More
TransitGatewayArchitectureDiagram

Automating AWS Transit Gateway attachments to a transit gateway in a central account

As IT environments grow, they can become more complex, with additional accounts, VPCs, and the networking between them. AWS Transit Gateway is a service that addresses networking complexity by building a hub-and-spoke network to simplify your network routing and security. With Transit Gateway, you can connect your Virtual Private Clouds (VPCs) that span multiple accounts […]

Read More

Performing Route 53 health checks on private resources in a VPC with AWS Lambda and Amazon CloudWatch

If you have ever used Amazon Route 53 health checks to monitor resources, you know that monitored resources must have public IP addresses. This is because Route 53 health checkers are public and they can only monitor hosts with IP addresses that are publicly routable on the internet. You may want to monitor your resources […]

Read More

Migrate from Transit VPC to AWS Transit Gateway

Amazon Virtual Private Cloud (Amazon VPC) provides you with the ability to create as many virtual networks as you need. It also provides different options for connecting these networks to each other and to non-AWS infrastructure, such as on-premises data centers, remote headquarters, or other offices. Most of you start this journey with a few […]

Read More