Networking & Content Delivery
Category: Technical How-to
Integrating AWS Verified Access with device trust providers
In this post, we discuss how to architect Zero Trust based remote connectivity on AWS. Specifically, we will be exploring how to integrate Verified Access with CrowdStrike, a device trust provider. This solution builds upon the Okta-based identity provider integration previously published in this AWS post. Zero Trust is a conceptual model, and an associated […]
Removing Unassociated Elastic IPs
Have you ever wondered why your Elastic IP (EIP) count is growing, and what’s behind the “ElasticIP:IdleAddress” line item on your AWS bill? This could be because there is an hourly charge for EIP addresses that are not associated with a running instance, when an EIP is associated with a stopped instance, or when there […]
Set up end-to-end tracing with Amazon CloudFront using OpenTelemetry
In a modern distributed system, identifying where a problem has occurred is not a trivial task. In fact, it’s a key capability that an organization must master to maintain its competitiveness. Tracing is a great methodology to be used for this purpose. It creates a series of formatted logs with an identifier called Trace ID, which […]
Using AWS WAF intelligent threat mitigations with cross-origin API access
AWS WAF offers advanced features for filtering undesired web application traffic, such as Bot Control and Fraud Control. These intelligent threat mitigations include techniques such as client-side interrogations using JavaScript challenges or CAPTCHA, as well as client-side behavioral analysis. Implementing these techniques on a web page with a same-origin access is simple. When a cross-domain […]
Segmenting hybrid networks with AWS Transit Gateway connect
Virtual Routing and Forwarding (VRF) is a traditional network feature which uses isolated logical routing domains (route tables/VRFs) to keep network traffic segregated within the same physical infrastructure. Customers ask us how to combine the segmentation provided by AWS Cloud WAN and AWS Transit Gateway with VRF isolation when connecting their on-premises networks to AWS. […]
Mitigate Common Web Threats with One Click in Amazon CloudFront
You can now add AWS WAF protections to Amazon CloudFront distributions with one click. In this walkthrough, we will guide you through setting up and monitoring protections offered by this new feature along with pricing and additional security recommendations. This blog relates to Amazon CloudFront — a AWS service that you can use to deliver […]
Estimating radio coverage for your network with AWS Private 5G
Introduction In this blog, we will walk you through estimating the number of AWS Private 5G radio units needed to meet coverage and capacity requirements for your various use cases. AWS Private 5G provides a radio frequency (RF) estimator to help customers determine the number of units required. The AWS Private 5G RF estimator uses […]
Scaling NLB target groups by connections
When workload performance depends on the number of networking connections, traditional load balancing metrics like CPU load or memory utilization do not provide the information you need in order to make scaling decisions. In this post, we explore a solution that automatically scales backend connections of a Network Load Balancer (NLB) target group based on […]
Achieving Zero-downtime deployments with Amazon CloudFront using blue/green continuous deployments
Blue/green deployment is a widely used deployment technique in software development aimed at minimizing downtime and risks associated with introducing new code. The strategy involves concurrently running two identical environments, namely blue and green, and directing traffic between them as necessary. This allows you to have uninterrupted delivery of new features and updates, with no […]
Host Single Page Applications (SPA) with Tiered TTLs on CloudFront and S3
Many of our customers use Amazon CloudFront and Amazon Simple Storage Service (Amazon S3) to deploy Single Page Applications (SPA): web applications created with React, Angular, Vue, etc. The development teams of these SPAs often have the following, seemingly conflicting, requirements: Users should experience as little latency as possible in downloading the web application. Therefore, […]