Networking & Content Delivery

Category: Technical How-to

Using AWS Transit Gateway Flow Logs to chargeback data processing costs in a multi-account environment

Many AWS customers use consolidated billing, and often need to allocate costs across their internal business units or accounts. This can be challenging when dealing with services that are shared by all accounts. For general chargebacks, some customers use cost allocation tags for this purpose. However, at the time of writing this post, there is […]

Gain secure access to on-premises applications with AWS Verified Access

AWS Verified Access (AVA) provides secure access to applications from anywhere. AVA removes the need for a VPN, which simplifies the remote connectivity experience for end users and reduces the management complexity for IT administrators. But does the application need to be running in AWS to use AVA? The answer is No.  If you have […]

Use VPC IP Address Manager to manage subnet CIDRs

Amazon VPC IP Address Manager (IPAM) is a VPC feature that allows you to plan, track, and monitor IP addresses for your AWS workloads. Until now, VPC IPAM allowed you to allocate CIDR blocks and monitor them at the VPC level. With a recent feature enhancement in VPC IPAM, you can now manage CIDR allocations […]

Using AWS Network Manager Events to manage and monitor your global network

AWS Network Manager is a great tool that lets you monitor changes in your network and create automations. In this post, we cover how to leverage events in Network Manager to get notified about network changes and how to use AWS Serverless technologies to enrich the information provided by these events. Let’s start with a simple question: What is Network […]

Using VPC Reachability Analyzer to discover network paths across multiple AWS Regions

Amazon Web Services (AWS) customers can use the AWS global infrastructure to deploy workloads to multiple AWS Regions. They can create global networks that span multiple AWS Regions to connect these workloads to each other and to on-premises networks. A common design pattern is to use a central networking AWS account to own shared network resources, such as AWS Transit […]

AWS Verified Access introduces policy assistant to quickly see the impact of new access policies

Amazon Web Services (AWS) Verified Access (AVA) is a secure remote access service that eliminates the need for VPNs. AVA reduces management complexity and improves security with real-time evaluations of requests based on factors such as identity and device posture. With Verified Access, you can define access policies written in Cedar using end user context, […]

Capture packets with Amazon VPC Traffic Mirroring and Mountpoint for Amazon S3

Traffic Mirroring is an Amazon Virtual Private Cloud (VPC) feature you can use to copy network traffic from an elastic network interface of an Amazon Elastic Compute Cloud (EC2) instance and send it to a target storage service for analysis. You can use it for content inspection, threat monitoring, network performance monitoring, and troubleshooting. Through […]

Managing global AWS Local Zones applications with Amazon Route 53 Geoproximity routing

In an earlier post, we discussed how the hub-and-spoke architecture introduced by Local Zones unlocks more choices than ever for geographies where lower latency access can be introduced. Through workload placement techniques offered by service mesh technology for “east-west traffic”, inter-service communication within a customer’s Virtual Private Cloud (VPC), customers can make sure that microservice […]

Understand your network traffic trends using AWS Transit Gateway Flow Logs

AWS Transit Gateway is a network transit hub that enables you to connect thousands of Amazon Virtual Private Clouds (Amazon VPCs) and your on-premises networks using a single gateway. This simplifies your network connection and puts an end to complex peering relationships. AWS Transit Gateway Flow Logs enables you to export detailed telemetry information, such as source/destination […]

Deploying AWS Load Balancer Controller on Amazon EKS

Customers use AWS Network Load Balancer (NLB), Classic Load Balancer (CLB), or Application Load Balancer (ALB) as load balancers or ingress with Amazon Elastic Kubernetes Service (Amazon EKS) clusters. AWS Load Balancer Controller is designed to help manage Elastic Load Balancers for a Kubernetes cluster. It satisfies Kubernetes Ingress resources by provisioning ALBs and Kubernetes […]