Category: Amazon VPC

Amazon Web Services (AWS) customers can use the AWS global infrastructure to deploy workloads to multiple AWS Regions. They can create global networks that span multiple AWS Regions to connect these workloads to each other and to on-premises networks. A common design pattern is to use a central networking AWS account to own shared network resources, such as AWS Transit […]

Traffic Mirroring is an Amazon Virtual Private Cloud (VPC) feature you can use to copy network traffic from an elastic network interface of an Amazon Elastic Compute Cloud (EC2) instance and send it to a target storage service for analysis. You can use it for content inspection, threat monitoring, network performance monitoring, and troubleshooting. Through […]

Introduction Since their introduction in 2010, tags have been helping Amazon Web Services (AWS) customers identify, organize, and manage their resources by adding referenceable key/value pairs. In this post, we explore how tags can be used to automate the addition and removal of Amazon VPC Lattice resource associations, and cross account resource shares using Amazon […]

AWS provides hundreds of services to help you easily deploy resources and applications globally in minutes. This helps you rapidly expand your customer base across the world. At the time of writing this post, the AWS Cloud spans 102 Availability Zones (AZs) within 32 geographic AWS Regions around the world. As AWS is continuously growing, […]

Introduction Amazon Virtual Private Cloud (Amazon VPC) use Network Address Translation (NAT) so resources in private subnets can communicate with resources in the internet, other VPCs, on-premises networks, or even the same VPC using the NAT Gateway’s IP address. Amazon VPC NAT Gateway is managed by AWS and addresses this need while providing redundancy, scalability, […]

Today, on 30th August 2023, AWS launched a new enhancement to the Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing feature. With this enhancement, customers can now specify a Gateway Load Balancer Endpoint (GWLBE) as the next-hop in the virtual private gateway (VGW) route table. This allows customers to inspect their traffic coming into AWS […]

An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, and the need to provide service availability to IPv6-only clients. While undergoing this transformation, customers sometimes find it difficult to assess application behavior in IPv6-enabled environments on AWS. In this blog post, we show […]

Planning, tracking, and monitoring IP addresses for large-scale networks can challenging. Network Administrators often use a combination of spreadsheets, confluence pages, and home-grown tools to track IP address assignments across Amazon Virtual Private Clouds (Amazon VPCs), AWS Regions, and AWS accounts. However, these methods are largely manual and prone to errors, and even a minor […]

In this post, we provide recommendations to improve network performance on AWS and hybrid networks. In today’s enterprise networking environment, it is becoming common for customers to have multi-gigabit connectivity to AWS either through AWS Direct Connect or over the Internet. Although network bandwidth is fundamental, several other factors come into play for network performance, […]

In this blog post, we discuss how to connect on-premises and external services to Amazon VPC Lattice. We will go over architectural considerations and requirements for connecting services from trusted locations (on-premises), non-trusted locations (3rd party), and across AWS Regions. Then, we provide a solution that builds out a capability to facilitate this using AWS […]