Networking & Content Delivery

Category: Technical How-to

Restricting access on HTTP API Gateway Endpoint with Lambda Authorizer

Customers use Amazon API Gateway APIs for critical production applications ranging from simple HTTP proxies to full-blown API management with request transformation, authentication, and validation. Starting in 2019, HTTP APIs have provided an enhanced alternative to the traditional API Gateway REST APIs, with HTTP APIs offering up to 60% latency reduction, 71% cost reduction, and […]

Read More

AWS Cloud WAN and Amazon VPC IPAM with AWS Control Tower

AWS Control Tower offers a straightforward way to set up and govern a multi-account AWS environment, following prescriptive best practices to build a secure landing zone quickly. You can provision tens, if not hundreds, of new AWS accounts at one time using AWS Control Tower. Once you provision accounts, you typically require the deployment of Amazon […]

Read More

IP Address Management for AWS Control Tower

For many customers, governing and auditing IP address allocation for at-scale networks is a complex, time-consuming, and potentially error-prone task. This is because application workloads are rapidly migrating to the cloud. Traditionally, network administrators have resorted to using combinations of spreadsheets, home-grown tools, and scripts to track address assignments across multiple accounts, Amazon Virtual Private […]

Read More

Automating Domain Delegation for Public Applications in AWS

Security is top priority at AWS. Cybersecurity and digital risk management are the primary considerations of customers when ensuring that security and trust are always in place for a secure data and cloud infrastructure. These concerns are even more critical for public internet facing applications, which are accessed using a public domain. In AWS Cloud, […]

Read More

AWS Cloud WAN and AWS Transit Gateway migration and interoperability patterns

Introduction At AWS re:Invent 2021, we launched a public preview of AWS Cloud WAN, a managed service for creating a global network using AWS global network infrastructure. Cloud WAN makes it easy to build and operate global wide area networks (WAN) to connect your data centers, branch offices, and Amazon Virtual Private Clouds (VPCs). Cloud […]

Read More

Three advanced design patterns for high available applications using Amazon CloudFront

Any web application using Amazon CloudFront benefits from the inherent high availability of this AWS service. It’s a globally distributed network that is immune to local hardware failures or network congestion. Furthermore, it’s built on top of the AWS global network, which provides better isolation from the public internet. Finally, it’s designed with various advanced […]

Read More

Using latency-based routing with Amazon CloudFront for a multi-Region active-active architecture

This post guides you through setting up the networking layer for a multi-Region active-active application architecture on AWS using latency-based routing in Amazon Route 53 with Amazon CloudFront to deliver a low-latency, reliable experience for your users. Building active-active architectures using AWS networking services improves your application resiliency and performance. However, there can be cost and […]

Read More

Connecting Networks with Overlapping IP Ranges

A common situation we see in customer networks is when there are resources with overlapping IP address ranges that must communicate with each other. Frequently this occurs when companies are acquired and have used the same private (RFC1918) address ranges. However, it can also occur when a service provider with a unique IP range must […]

Read More

Introducing IPv6-only subnets and EC2 instances

In June 2021, we announced our continued commitment and innovation towards the enablement of IPv6 on AWS. Today, we take a monumental step forward with the ability to create an IPv6-only architecture on AWS. With this launch, Amazon Virtual Private Cloud (VPC) now allows you to create IPv6-only subnets in your dual-stack VPCs and launch […]

Read More

Expedite your IPv6 adoption with PrivateLink services and endpoints

AWS now supports IPv6 for AWS PrivateLink services and endpoints. PrivateLink support for IPv6 expedites IPv6 adoption by decoupling the service consumer and service provider IP protocol version. Even if a service provider has not started to support IPv6 for all their back-end services, service consumers can use IPv6 within their VPCs to access the […]

Read More