Q: What is AWS Global Accelerator?
A: AWS Global Accelerator is a networking service that helps you improve the availability and performance of the applications that you offer to your global users. AWS Global Accelerator is easy to set up, configure, and manage. It provides static IP addresses that provide a fixed entry point to your applications and eliminate the complexity of managing specific IP addresses for different AWS Regions and Availability Zones. AWS Global Accelerator always routes user traffic to the optimal endpoint based on performance, reacting instantly to changes in application health, your user’s location, and policies that you configure. Like other AWS services, AWS Global Accelerator is a self-service, pay-per-use offering, requiring no long term commitments or minimum fees.
Q: What can I do with AWS Global Accelerator?
A: By using AWS Global Accelerator, you can:
- Associate the static IP addresses provided by AWS Global Accelerator to regional AWS resources or endpoints, such as Network Load Balancers, Application Load Balancers, EC2 Instances, and Elastic IP addresses. The IP addresses are anycast from AWS edge locations so they provide onboarding to the AWS global network close to your users.
- Easily move endpoints between Availability Zones or AWS Regions without needing to update your DNS configuration or change client-facing applications.
- Dial traffic up or down for a specific AWS Region by configuring a traffic dial percentage for your endpoint groups. This is especially useful for testing performance and releasing updates.
- Control the proportion of traffic directed to each endpoint within an endpoint group by assigning weights across the endpoints.
Q: How do I get started with AWS Global Accelerator?
A: You can get started with setting up AWS Global Accelerator by using the API or through the AWS Management Console. Because AWS Global Accelerator is a global service, it’s not tied to any specific AWS Region. Here are three easy steps to set up AWS Global Accelerator for your application:
- Create an accelerator: When you create your accelerator, AWS Global Accelerator provisions two static IP addresses for it. Then you configure one or more listeners to process inbound connections from end clients to your accelerator, based on the protocol and port that you specify.
- Configure endpoint groups: You choose one or more regional endpoint groups to associate to your accelerator’s listener by specifying the AWS Regions to which you want to distribute traffic. Your listener routes requests to the registered endpoints in this endpoint group. AWS Global Accelerator monitors the health of endpoints within the group using the health check settings defined for each endpoint. You can configure a traffic dial percentage for each endpoint group, which controls the amount of traffic that an endpoint group accepts. By default, the traffic dial is set to 100% for all regional endpoint groups.
- Register endpoints for endpoint groups: You register one or more regional resources, such as Application Load Balancers, Network Load Balancers, EC2 Instances, or Elastic IP addresses, in each endpoint group. Then you can set weights to choose how much traffic is routed to each endpoint.
Q: How does AWS Global Accelerator work together with Elastic Load Balancing (ELB)?
A: Both of these services solve the challenge of routing user requests to healthy application endpoints. AWS Global Accelerator relies on ELB to provide the traditional load balancing features such as support for internal and non-AWS endpoints, pre-warming, and Layer 7 routing. However, while ELB provides load balancing within one Region, AWS Global Accelerator provides traffic management across multiple Regions.
A regional ELB load balancer is an ideal target for AWS Global Accelerator. By using a regional ELB load balancer, you can precisely distribute incoming application traffic across backends, such as Amazon EC2 instances or Amazon ECS tasks, within an AWS Region. AWS Global Accelerator complements ELB by extending these capabilities beyond a single AWS Region, allowing you to provision a global interface for your applications in any number of Regions. If you have workloads that cater to a global client base, we recommend that you use AWS Global Accelerator. If you have workloads hosted in a single AWS Region and used by clients in and around the same Region, you can use an Application Load Balancer or Network Load Balancer to manage your resources.
Q: How is AWS Global Accelerator different from Amazon CloudFront?
A: AWS Global Accelerator and Amazon CloudFront are separate services that use the AWS global network and its edge locations around the world. CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery). Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions. Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or Voice over IP, as well as for HTTP use cases that specifically require static IP addresses or deterministic, fast regional failover. Both services integrate with AWS Shield for DDoS protection.
Q: Can I use AWS Global Accelerator for my on-premises services?
A: You can’t directly configure on-premises resources as endpoints for your static IP addresses, but you can configure a Network Load Balancer (NLB) in each AWS Region to address your on-premises endpoints. Then you can register the NLBs as endpoints in your AWS Global Accelerator configuration.
Q: What benefits does AWS Global Accelerator provide?
A: AWS Global Accelerator includes the following benefits:
Instant regional failover: AWS Global Accelerator automatically checks the health of your applications and routes user traffic only to healthy application endpoints. If the health status changes or you make configuration updates, AWS Global Accelerator reacts instantaneously to route your users to the next available endpoint.
High availability: AWS Global Accelerator has a fault-isolating design that increases the availability of your application. When you create an accelerator, you are allocated two IPv4 static IP addresses that are serviced by independent network zones. Similar to Availability Zones, these network zones are isolated units with their own physical infrastructure and serve static IP addresses from a unique IP subnet. If one static IP address becomes unavailable due to IP address blocking or unreachable networks, AWS Global Accelerator provides fault tolerance to client applications by rerouting to a healthy static IP address from the other isolated network zone.
No variability around clients that cache IP addresses: Some client devices and internet resolvers cache DNS answers for long periods of time. So when you make a configuration update, or there’s an application failure or change in your routing preference, you don’t know how long it will take before all of your users receive updated IP addresses. With AWS Global Accelerator, you don’t have to rely on the IP address caching settings of client devices. Change propagation takes a matter of seconds, which reduces your application downtime.
Improved performance: AWS Global Accelerator ingresses traffic from the edge location that is closest to your end clients through anycast static IP addresses. Then traffic traverses the congestion-free and redundant AWS global network, which optimizes the path to your application that is running in an AWS Region. AWS Global Accelerator chooses the optimal AWS Region based on the geography of end clients, which reduces first-byte latency and improves performance.
Easy manageability: The static IP addresses provided by AWS Global Accelerator are fixed and provide a single entry point to your applications. This lets you easily move your endpoints between Availability Zones or between AWS Regions, without having to update your DNS configuration or client-facing applications. Use cases include A/B testing, application updates, and failover simulations. Corporate proxies can also whitelist your application’s static IP addresses in their firewalls.
Fine-grained control: AWS Global Accelerator lets you set a traffic dial for your regional endpoint groups, to dial traffic up or down for a specific AWS Region when you conduct performance testing or application updates. In addition, if you have stateful applications, you can choose to direct all requests from a user to the same endpoint, regardless of the source port and protocol, to maintain client affinity. These features give you fine-grained control.
Q: I operate only in a single AWS Region. Can I get any benefit from AWS Global Accelerator?
A: Yes. While you might not want to use the intelligent traffic routing capabilities of AWS Global Accelerator, there are a number of advantages to using static IP addresses. First, by using these addresses, you increase the Quality of Service (QoS) for your users by onboarding their traffic onto the AWS global network as close to them as possible. Typically, traffic must take multiple hops through the public internet, over potentially congested and non-redundant network paths, to reach your destination AWS Region. With AWS Global Accelerator, you get to leverage the AWS globally redundant network to help improve your application availability and performance. Second, you have the freedom to easily move your application between AWS Regions without changing your public interface. This means that you can plan for the future, knowing that if your needs change, you can easily migrate or add additional AWS Regions without worrying about how your users will connect to your applications.
Q: How does AWS Global Accelerator make it easy to move to a multi-Region setup?
A: You may want to run your applications in multiple AWS Regions for regional redundancy and to improve performance by running your applications closer to your users. By providing a network layer between your application and clients, AWS Global Accelerator can perform health checks, and then automatically route traffic around failed endpoints, without disrupting clients. This graceful shutdown and startup of new endpoints improves availability and performance for your users while ensuring that internet traffic is routed to the closest available endpoint.
Q: How does AWS Global Accelerator help support multi-Region failover?
A: AWS Global Accelerator provides you with a set of static IP addresses that can map to multiple application endpoints across AWS Regions, to improve redundancy. If your application experiences failure in a specific AWS Region, AWS Global Accelerator automatically detects the unhealthy endpoints and redirects traffic to the next optimal AWS Region, ensuring high availability and disaster recovery.
Q: How fast will my application failover between AWS Regions?
A: AWS Global Accelerator can detect an unhealthy endpoint and take it out of service in less than one minute.
Q: What compliance certifications does AWS Global Accelerator support?
A: AWS Global Accelerator certifications make it easier for you to verify our high security standards and meet your own regulatory and compliance obligations. It has been assessed to comply with PCI DSS, ISO 9001, 27001, 27017, 27018, 27018, and SOC (System & Organization Control), in addition to being HIPAA-eligible.
Q: Does AWS Global Accelerator support IPv4 and IPv6?
A: The service currently supports IPv4 addresses.
Q: What protocols does AWS Global Accelerator support?
A: AWS Global Accelerator supports both TCP and UDP protocols.
Q: How is AWS Global Accelerator different from a DNS-based traffic management solution?
A: First, some client devices and internet resolvers cache DNS answers for long periods of time. So when you make a configuration update, or there’s an application failure or change in your routing preference, you don’t know how long it will take before all of your users receive updated IP addresses. With AWS Global Accelerator, you don’t have to rely on the IP address caching settings of client devices. Change propagation takes a matter of seconds, which reduces your application downtime. Second, with Global Accelerator, you get static IP addresses that provide a fixed entry point to your applications. This lets you easily move your endpoints between Availability Zones or between AWS Regions, without having to update the DNS configuration or client-facing applications.
Q: Can I use AWS Global Accelerator with AWS Direct Connect?
A: We recommend that you don’t advertise IP addresses that you use to communicate with AWS Global Accelerator over your AWS Direct Connect public virtual interface. Direct Connect does not advertise IP address prefixes for Global Accelerator over a public virtual network. For more information about public virtual interfaces and Direct Connect, see Using Public Virtual Interfaces.