Networking & Content Delivery

CloudFront Functions – A New Security Paradigm for CDN Edge Computing

CloudFront Functions is a new serverless scripting capability that allows you to run JavaScript code at more than 225 Amazon CloudFront edge locations to perform lightweight HTTP transformations and customize content delivery. This blog details our security journey and the controls we put in place to make CloudFront Functions raise the security bar when it comes to edge computing capabilities.

Automating connectivity assessments with VPC Reachability Analyzer

If your network architecture is complex, and you’d like to quickly identify application connectivity issues due to infrastructure changes, then the new Amazon Virtual Private Cloud (VPC) Reachability Analyzer can help. It is not always clear whether changes to VPC infrastructure are affecting connectivity to applications and other AWS services. By implementing automated […]

Adding MACsec security to AWS Direct Connect connections

AWS Direct Connect now supports MACsec security (IEEE 802.1AE), giving you a new option for securing your data from when it leaves your network until it arrives at AWS. With this release, Direct Connect delivers native, near line-rate, and point-to-point encryption for 10 Gbps and 100 Gbps links. Available at select locations for dedicated connections […]

Starting Small with AWS Global Accelerator

In this blog post, we will present an approach to starting small and testing the benefits of AWS Global Accelerator before determining if you would like to transition to a full Global Accelerator enhanced application. Similarly, if you are interested in performing A/B testing or looking for a rolling deployment method for the Global Accelerator, this blog […]

Explore the AWS Direct Connect Resiliency Toolkit

AWS Direct Connect is a networking service that provides an alternative to connecting to AWS over the internet. When you use AWS Direct Connect, your network traffic bypasses the internet entirely and is instead delivered through a private network connection to AWS. In many circumstances, this can reduce costs, increase bandwidth, and provide more consistent […]

Mirror production traffic to test environment with VPC Traffic Mirroring

Many organizations want to replay production traffic to a test environment, with no impact on the end user’s experience. This is known as traffic mirroring or traffic shadowing. Testing the new version of a workload with production traffic is a key step for a successful release. Some tests use scripted requests, but real traffic is […]

Secure your Amazon VPC DNS resolution with Amazon Route 53 Resolver DNS Firewall

There are many services that help you configure network security within your Amazon Virtual Private Cloud (VPC), including security groups (SGs), network access control lists (network ACLs), and the AWS Network Firewall. These services inspect and filter network traffic, but they do not apply to DNS queries provided by Route 53 Resolver, potentially allowing […]

Solving DNS zone apex challenges with third-party DNS providers using AWS

Many customers ask us how they can point their zone apex to their web content if it uses a DNS name rather than an IP address. This blog covers three design patterns and approaches that solve zone apex challenges with third-party DNS providers for applications hosted in AWS—and the pros and cons of each approach.

Upgrading AWS Direct Connect to 100 Gbps in 5 steps

Native 100 Gbps connections are now available at select AWS Direct Connect Locations worldwide. If you are using a 1 Gbps or 10 Gbps Direct Connect Dedicated Connection today, moving up to 100 Gbps can be done in five steps. This post walks through those steps and what to consider while planning your migration. These […]