Networking & Content Delivery

Category: Technical How-to

Creating active passive BGP connections over AWS Direct Connect

Creating active/passive BGP connections over AWS Direct Connect

There are many ways to connect your data centers to Amazon Web Services. This blog post answers a few common questions that customers ask us when trying to build a communications path over AWS Direct Connect (DX). In particular, how to create active passive Border Gateway Protocol (BGP) connections with AWS over Direct Connect. To […]

Read More

Diagnosing traffic disruption using AWS Transit Gateway Network Manager Route Analyzer

Diagnosing problems in your network traffic or fixing routing issues between your AWS Transit Gateways can be complex. The new Route Analyzer feature for AWS Transit Gateway Network Manager is designed to diagnose and resolve network disruptions quickly. With Network Manager, you can centrally manage networks built around AWS Transit Gateways. You are able to […]

Read More

Building a global network using AWS Transit Gateway Inter-Region peering

Global companies have historically dedicated considerable financial and engineering resources to building wide-area-networks (WANs) so people in different geographies could stay connected and operate as a single entity. Those WANs are typically implemented using Carrier Ethernet (CE) services delivered by leading telecommunications providers, commonly referred to as MPLS services. In recent years, the IT “center […]

Read More

Authenticate AWS Client VPN users with SAML

Introduction Authenticating users to applications and services on the web and at scale can be challenging. Having a separate set of credentials for each application is not an efficient approach. It is difficult to manage for IT departments and doesn’t provide a good experience for users. A common way to solve this challenge is to use […]

Read More

Serving SSE-KMS encrypted content from S3 using CloudFront

Introduction A best practice for your web applications is to use Amazon S3 to store content and Amazon CloudFront to deliver it to users. When building this way, AWS Well-Architected Framework recommends protecting your data at rest and in transit. Encryption is one of protection controls AWS provides you to reduce the risks of unauthorized access, loss, […]

Read More

Using VPC Flow Logs to capture and query EKS network communications

Introduction Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident-response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to […]

Read More

Using Microsoft Active Directory MFA with AWS Client VPN

You can now enable multi-factor authentication (MFA) for users connecting to an AWS Client VPN endpoint. This solution is ideal for organizations that want additional security when remote users are accessing AWS or on-premises resources. MFA improves the authentication process by requiring more than a user name, password, and certificate (the first factor). MFA requires […]

Read More