Networking & Content Delivery
Tag: Amazon VPC
Extending SD-WAN Segmentation into AWS Cloud WAN – Part 2
For organizations operating multi-tenant environments, regulated environments, or multiple business units, maintaining strict network segmentation between SD-WAN and AWS is essential for meeting security, compliance, and operational requirements. This is Part 2 of the two-part series on extending SD-WAN segmentation into AWS Cloud WAN. In Part 1, the Generic Routing Encapsulation (GRE) based Connect attachment […]
Extending SD-WAN Segmentation into AWS Cloud WAN – Part 1
For organizations operating multi-tenant environments, regulated environments, or multiple business units, maintaining strict network segmentation between SD-WAN and AWS is essential for meeting security, compliance, and operational requirements. Deploying SD-WAN virtual appliances and extending your segmentation through AWS Cloud WAN helps unify these segmented environments under a single, scalable global network. That said, segmentation is […]
Best Practices for TCP Connection Management on EC2
With sixth-generation Nitro (Nitro V6) instances, launched in June 2025, the default TCP connection tracking idle timeout changed from 432,000 seconds (5 days) to 350 seconds. Applications that hold idle connections open for long periods, such as database connection pools, Internet of Things (IoT) telemetry, and persistent microservice connections, may experience unexpected connection drops after […]
Enhanced security with DMZ architecture using Amazon VPC Block Public Access
As organizations scale their AWS environments across multiple accounts and Amazon virtual private clouds (VPCs), controlling internet access to cloud resources becomes challenging. With multiple accounts and network paths, maintaining secure network boundaries becomes a priority. A common security pattern is the demilitarized zone (DMZ) architecture, which isolates public-facing services from internal networks to reduce […]
Distributing Amazon VPC IP Address Manager costs to member accounts in AWS Organizations
In this post, we demonstrate how to distribute Amazon VPC IP Address Manager (IPAM) costs from the IPAM owner account to the member accounts in AWS Organizations and implement chargeback. We walk through analyzing IPAM usage in AWS Cost Explorer from both member and management accounts. Furthermore, we cover key considerations and best practices for communication and […]
Custom domain names for VPC Lattice resources
Amazon VPC Lattice is a fully managed application networking service that lets you connect, secure, and monitor communication between your services and resources within and across VPCs and accounts. Today, we announce custom domain names for Lattice resources. In this post, we will examine this feature in detail. Resource owners can now specify a Fully […]
Dynamic routing using Amazon VPC Route Server
Amazon VPC Route Server enables dynamic routing within Amazon Virtual Private Cloud (Amazon VPC) using Border Gateway Protocol (BGP). You can use Amazon VPC Route Server for effective and intelligent traffic control between cloud applications and on-premises systems. Amazon VPC Route Server uses BGP to provide advanced control over traffic paths, especially for failures, and […]
Introducing security group referencing and enhanced DNS support for AWS Cloud WAN
In this post, we cover the recently launched feature of security group referencing and enhanced DNS support on AWS Cloud WAN. This new feature allows you to create inbound security rules referencing security groups defined in other Amazon Virtual Private Clouds (Amazon VPCs) attached to an AWS Cloud WAN within the same AWS Region and […]
Managing DNS resolution with Amazon VPC Lattice and VPC resources
In our previous post External Connectivity to Amazon VPC Lattice, we discussed how your applications could consume VPC Lattice services from clients external to Amazon Web Services (AWS), as well as cross-Region patterns. At re:Invent 2024, AWS made three significant announcements in the application networking space: releasing the VPC resources capability for AWS PrivateLink, support for accessing these resources […]
Encrypt DNS queries using DNS-over-HTTPS (DoH) with Amazon Route 53 Resolver Endpoints
Customers frequently use on-premises DNS infrastructure to resolve DNS queries for internal domains. In 2018, we announced Amazon Route 53 Resolver endpoints, which enable customers to integrate Route 53 with their on-premises DNS infrastructure for hybrid DNS resolution. In 2023, we improved this integration by providing customers the ability to encrypt DNS queries and responses […]