Networking & Content Delivery

Category: Top Posts

Introducing AWS Client VPN to Securely Access AWS and On-Premises Resources

Update March 17, 2020 – With recent events, the need to provide a remote workforce with secured connectivity is greater than ever. It comes as no surprise that this post (originally published on December 19, 2018) is receiving a lot of traffic. The content is still relevant today, so we’re publishing it again to make it […]

Scaling VPN throughput using AWS Transit Gateway

A virtual private network (VPN) is one of the most common ways that customers connect securely to the AWS Cloud from on-premises or data center environments. Customers establish VPN connectivity to AWS using AWS managed VPN solutions like AWS Site-to-Site VPN, transit gateways, or partner solutions running on Amazon EC2. In this post, we demonstrate […]

Securing VPCs Egress using IDS/IPS leveraging Transit Gateway

In a typical enterprise network, customers have VPCs across multiple accounts within an AWS Region to segment workloads. This segmentation can take different forms and depends on the company structure, security policy, business functions, and model. The drivers of the segmentation can vary. For example, segmentation could be driven by security and regulatory requirements, costs, […]

Creating a single internet exit point from multiple VPCs Using AWS Transit Gateway

In this post, we show you how to centralize outbound internet traffic from many VPCs without compromising VPC isolation. Using AWS Transit Gateway, you can configure a single VPC with multiple NAT gateways to consolidate outbound traffic for numerous VPCs. At the same time, you can use multiple route tables within the transit gateway to […]

Centralized DNS management of hybrid cloud with Amazon Route 53 and AWS Transit Gateway

A successful hybrid networking strategy goes beyond private network connectivity. It often requires dealing with independent internal zones both in Amazon Virtual Private Cloud (Amazon VPC) and on-premises. Such a strategy needs Domain Name System (DNS) naming that spans the entire network. Typically, this is managed by providing name resolution services in the same place […]

Authorization@Edge – How to Use Lambda@Edge and JSON Web Tokens to Enhance Web Application Security

Authorization, the function of specifying access rights to resources, is often required to help protect restricted content in web applications. This post will show you how to implement serverless authorization of viewers using Amazon CloudFront, Lambda@Edge, and Amazon Cognito without modifying your origin resources.