Networking & Content Delivery

Category: Amazon Simple Storage Service (S3)

Capture packets with Amazon VPC Traffic Mirroring and Mountpoint for Amazon S3

Traffic Mirroring is an Amazon Virtual Private Cloud (VPC) feature you can use to copy network traffic from an elastic network interface of an Amazon Elastic Compute Cloud (EC2) instance and send it to a target storage service for analysis. You can use it for content inspection, threat monitoring, network performance monitoring, and troubleshooting. Through […]

Improve Single-Page Application (SPA) Performance with a Same Domain policy using Amazon CloudFront

In this post, we demonstrate how you can use a same domain policy with Amazon CloudFront. Using this method, you eliminate the need for enabling Cross-Origin Resource Sharing (CORS), which results in improved performance for Single-Page Applications (SPA). Over the years, SPA frameworks such as ReactJs and AngularJs have become a popular method for developing […]

Using Amazon CloudFront and Amazon S3 to build multi-Region active-active geo proximity applications

In today’s digital-first business environment with a globally distributed customer base, it becomes important to adopt an architecture that helps customers deliver digital assets to end-users with the lowest possible latency based on the geo-proximity of assets to the end user. Companies with digital assets stored in Amazon Simple Storage Service (Amazon S3) commonly configure the traffic to be […]

Signed cookie-based authentication with Amazon CloudFront and AWS Lambda@Edge: Part 2 – Authorization

In this two-part blog series, you will learn how to use email addresses and domain names for user authentication. With this method, you restrict credentials-free user access to a static website. In this second part of the blog series, you will learn how to implement the authorization mechanism. In the previous blog post, you learnt […]

Signed cookie-based authentication with Amazon CloudFront and AWS Lambda@Edge: Part 1 -Authentication

In this two-part blog series, you will learn how to use email addresses and domain names for user authentication. With this method, you restrict credentials-free user access to a static website. In this first blog, you will learn how to implement the authentication mechanism. In the second blog post, you will learn how to implement […]

Secure hybrid access to Amazon S3 using AWS PrivateLink

AWS PrivateLink for Amazon S3 enables on-premises applications to privately and securely access Amazon S3 over AWS Direct Connect private virtual interface or AWS Site to Site VPN. The Interface VPC Endpoints for Amazon S3 allow security administrators to control which users can access which data in S3 from on premises and cross-Region using their […]

Serving SSE-KMS encrypted content from S3 using CloudFront

Update: We’ve updated this blog and the AWS Lambda function code to work with both “custom” and “s3” style origins in Amazon CloudFront. Previously, only “custom” types were covered. In August 2022, CloudFront launched OAC (Origin Access Control), providing native support for customers to use CloudFront to access S3 bucket encrypted with SSE-KMS. Depending on […]