Networking & Content Delivery

Tag: VPC

Using VPC Flow Logs to capture and query EKS network communications

Introduction Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident-response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to […]

Read More

Building an egress VPC with AWS Transit Gateway and the AWS CDK

Introduction With the introduction of AWS Transit Gateway, it is easier for customers to manage connectivity between many VPCs. Further simplification can be achieved by routing all outbound traffic through one shared egress VPC. This allows re-use of NAT Gateways and can improve overall network design and operational efficiency. This ‘egress VPC’ design pattern is […]

Read More
Scaling VPN throughput using AWS transit gateway

Scaling VPN throughput using AWS Transit Gateway

A virtual private network (VPN) is one of the most common ways that customers connect securely to the AWS Cloud from on-premises or data center environments. Customers establish VPN connectivity to AWS using AWS managed VPN solutions like AWS Site-to-Site VPN, transit gateways, or partner solutions running on Amazon EC2. In this post, we demonstrate […]

Read More

Securing VPCs Egress using IDS/IPS leveraging Transit Gateway

In a typical enterprise network, customers have VPCs across multiple accounts within an AWS Region to segment workloads. This segmentation can take different forms and depends on the company structure, security policy, business functions, and model. The drivers of the segmentation can vary. For example, segmentation could be driven by security and regulatory requirements, costs, […]

Read More
Network Architecture that shows Direct Connect Gateway attached to private virtual interface, and associated to virtual private gateway in two region.

Setting up AWS Direct Connect gateway to route DX traffic to any AWS Region

Direct Connect Senior Product Managers Madhura Kale and Erik Klavon contributed to this post. AWS Direct Connect (DX) has been a popular method for businesses to connect to AWS services, giving users a secure and reliable connection to an AWS Region. There are more than 100 DX locations available globally across major cities. However, you […]

Read More

Creating a single internet exit point from multiple VPCs Using AWS Transit Gateway

In this post, we show you how to centralize outbound internet traffic from many VPCs without compromising VPC isolation. Using AWS Transit Gateway, you can configure a single VPC with multiple NAT gateways to consolidate outbound traffic for numerous VPCs. At the same time, you can use multiple route tables within the transit gateway to […]

Read More

Performing Route 53 health checks on private resources in a VPC with AWS Lambda and Amazon CloudWatch

If you have ever used Amazon Route 53 health checks to monitor resources, you know that monitored resources must have public IP addresses. This is because Route 53 health checkers are public and they can only monitor hosts with IP addresses that are publicly routable on the internet. You may want to monitor your resources […]

Read More

Centralized DNS management of hybrid cloud with Amazon Route 53 and AWS Transit Gateway

A successful hybrid networking strategy goes beyond private network connectivity. It often requires dealing with independent internal zones both in Amazon Virtual Private Cloud (Amazon VPC) and on-premises. Such a strategy needs Domain Name System (DNS) naming that spans the entire network. Typically, this is managed by providing name resolution services in the same place […]

Read More

Migrate from Transit VPC to AWS Transit Gateway

Amazon Virtual Private Cloud (Amazon VPC) provides you with the ability to create as many virtual networks as you need. It also provides different options for connecting these networks to each other and to non-AWS infrastructure, such as on-premises data centers, remote headquarters, or other offices. Most of you start this journey with a few […]

Read More

Debugging tool for network connectivity from Amazon VPC

Resources in AWS rely heavily on their underlying network to deliver a service at optimal performance. For example, your databases could be fine-tuned and your front end application servers could be running on the most expensive, high-end Amazon EC2 instances available. However, if the underlying network is experiencing an issue, all of these beneficial factors […]

Read More