Networking & Content Delivery

Tag: Security

Geo-block Content Using Amazon Location and Edge Services

Organizations require methods to restrict access to content to adhere to compliance and regulatory requirements, sanctions, privacy laws, territorial ownership rights, security controls, etc. One way that companies restrict access is by Geo-blocking – restricting access to a website or another piece of content based on a user’s location. A popular method of geo-blocking content is […]

AWS Verified Access Integration with 3rd party identity providers

AWS Verified Access (AVA) offers a solution to the challenges faced by enterprises by managing remote workforce connectivity through traditional remote access VPNs. It allows remote employees to securely access corporate applications over the Internet while authenticating and authorizing each request. Unlike traditional VPN systems, which lack granularity for application-level authentication and authorization, AVA implements […]

AWS Network Optimization Tips

When thinking about architecture, it’s very common to come across scenarios where there is no right or wrong answer – the best answer is “it depends”. You must carefully consider the tradeoffs between cost, performance, reliability, and operational efficiency before coming to a decision. A little planning ahead of time can help you avoid numerous […]

Lowering Latency by Moving OPTIONS to the Edge

At IMDb, we run a Federated GraphQL Gateway on AWS Lambda that backs our website and apps and handles over 10,000 peak TPS. For more information about how we built that, see our three posts: building GraphQL on Lambda, managing federated schemas, and monitoring and tuning. As our website adds more features that call GraphQL […]

Amazon CloudFront introduces Origin Access Control (OAC)

Amazon CloudFront is a global content delivery network that securely delivers applications, websites, videos, and APIs to viewers across the globe in milliseconds. Using CloudFront, customers can access different types of origin services to suit their use cases. One of the performant architectures customers adopt is to use Amazon S3 as the origin to host […]

Restricting access on HTTP API Gateway Endpoint with Lambda Authorizer

Customers use Amazon API Gateway APIs for critical production applications ranging from simple HTTP proxies to full-blown API management with request transformation, authentication, and validation. Starting in 2019, HTTP APIs have provided an enhanced alternative to the traditional API Gateway REST APIs, with HTTP APIs offering up to 60% latency reduction, 71% cost reduction, and […]

Well-Architecting online applications with CloudFront and AWS Global Accelerator

Introduction Worldwide, millions of customers are actively using AWS to build applications for every imaginable use case, with a variety of regions in which they can deploy infrastructure. An AWS Region is a physical location where AWS clusters data centers and operates regional services, like AWS Elastic Compute Cloud (EC2) and Amazon Simple Storage Service […]

Limit access to your origins using the AWS-managed prefix list for Amazon CloudFront

Amazon CloudFront provides an easy and cost-effective way to distribute content with low latency and high data transfer speeds using a worldwide network of edge locations. To enable requests from CloudFront to access your origins (the source of your content, for example, Amazon Elastic Compute Cloud (Amazon EC2) instances, the security policies on your origin […]

Leveraging AWS PrivateLink for volumetric data processing

AWS PrivateLink provides private, secure connectivity between VPCs, AWS services, and your on-premises networks, without exposing your traffic to the public internet. AWS PrivateLink offers three primary benefits to customers. First, it provides a way for two parties to establish private connectivity without requiring an Internet Gateway (IGW), thereby helping both parties to deploy airtight […]

Introduction to Network Transformation on AWS – Part 1

Introduction Your organization may have a sprawling network built with variety of topologies. As your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. Over time, traffic patterns change as more and more of your applications move to the cloud. This means that you can start transforming your […]