Category: Technical How-to

AWS provides hundreds of services to help you easily deploy resources and applications globally in minutes. This helps you rapidly expand your customer base across the world. At the time of writing this post, the AWS Cloud spans 102 Availability Zones (AZs) within 32 geographic AWS Regions around the world. As AWS is continuously growing, […]

Internet users increasingly expect responsive web applications and APIs with lower latency and higher availability. Additionally, publicly accessible web applications and APIs are exposed to threats such as commonly occurring vulnerabilities described in the OWASP Top 10, SQL injection, automated requests, and HTTP floods (Denial of Service (DoS)) that can affect availability, compromise security, or […]

As new AWS Direct Connect locations become available, we recommend customers review their options to make sure they are using the best route to connect to AWS. Many times, moving a connection to a Direct Connect location that is geographically closer to your data centers (DCs) and branch locations can improve network performance, and might […]

Today, on 30th August 2023, AWS launched a new enhancement to the Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing feature. With this enhancement, customers can now specify a Gateway Load Balancer Endpoint (GWLBE) as the next-hop in the virtual private gateway (VGW) route table. This allows customers to inspect their traffic coming into AWS […]

An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, and the need to provide service availability to IPv6-only clients. While undergoing this transformation, customers sometimes find it difficult to assess application behavior in IPv6-enabled environments on AWS. In this blog post, we show […]

AWS Global Accelerator now offers dual-stack accelerators that let you route both IPv4 and IPv6 traffic to Amazon Elastic Compute Cloud (Amazon EC2) instances as endpoints, in addition to Application Load Balancers. In this post, we describe the benefits of using dual-stack accelerators with IPv6 EC2 endpoints, and go through a step-by-step guide for adding […]

Volumetric attack is one of the most common type of cyberattack, where a web application is overwhelmed with an enormous number of HTTP requests. This flood of excessive requests puts a strain on the application’s servers, leading to degraded performance, increased latency for legitimate users and in severe cases, resource exhaustion. AWS WAF’s rate-based rules […]

In this post, we discuss how to architect Zero Trust based remote connectivity on AWS. Specifically, we will be exploring how to integrate Verified Access with CrowdStrike, a device trust provider. This solution builds upon the Okta-based identity provider integration previously published in this AWS post. Zero Trust is a conceptual model, and an associated […]

In a modern distributed system, identifying where a problem has occurred is not a trivial task. In fact, it’s a key capability that an organization must master to maintain its competitiveness. Tracing is a great methodology to be used for this purpose. It creates a series of formatted logs with an identifier called Trace ID, which […]

Have you ever wondered why your Elastic IP (EIP) count is growing, and what’s behind the “ElasticIP:IdleAddress” line item on your AWS bill? This could be because there is an hourly charge for EIP addresses that are not associated with a running instance, when an EIP is associated with a stopped instance, or when there […]