Networking & Content Delivery

Introducing Prefix Lists in AWS Network Firewall Stateful Rule Groups

Previously you needed to update individual AWS Network Firewall rules when scaling your network to add new IP addresses. The release of this new feature means that you can update the relevant prefix list, and all of the Network Firewall rule groups that reference the prefix list are automatically updated. Both customer-managed and AWS-managed prefix […]

How to optimize content for search engines with AWS WAF Bot Control and Amazon CloudFront

Search engine crawlers – a special bot type used to index your site – are very important visitors. They make sure that your content is searchable by end users. If a crawler can’t easily read your content, then any updates you make might not be immediately reflected in the search results. Depending on the algorithms […]

Maximising application resiliency with AWS Global Accelerator

AWS services, including AWS Global Accelerator, are designed for inherent operational resiliency, to avoid single points of failure. Global Accelerator is architected and designed to provide operational resiliency, including the following components and operational practices: Global static anycast IP addresses Network zones Cell-based architecture Shuffle sharding Multi-Region Amazon Route 53 health checks We’ll discuss each […]

Introducing Amazon VPC Flow Logs to Kinesis Data Firehose

Amazon Virtual Private Cloud (Amazon VPC) Flow Logs helps you understand network traffic patterns on AWS by providing network telemetry data about the IP traffic flowing to and from ENIs in your VPC. It lets you perform numerous analytics tasks, such as diagnosing overly restrictive security group rules, monitoring traffic that is reaching an instance, […]

Providing controlled internet access through centralised proxy servers using AWS Fargate and PrivateLink

In this post we provide a regional solution for controlling outbound internet access to 1000s of Amazon Virtual Private Clouds (VPCs) using AWS Fargate and AWS PrivateLink. It removes the need to manage any proxy servers or to provide Layer 3 connectivity between your VPCs. It also provides an end-to-end deployment pipeline with a simple, […]

Amazon CloudFront introduces Origin Access Control (OAC)

Amazon CloudFront is a global content delivery network that securely delivers applications, websites, videos, and APIs to viewers across the globe in milliseconds. Using CloudFront, customers can access different types of origin services to suit their use cases. One of the performant architectures customers adopt is to use Amazon S3 as the origin to host […]

Design patterns for interconnecting a telco data center to an Amazon VPC

Traditionally, communication service providers (CSPs) in the telecom industry have used a Virtual Routing and Forwarding (VRF) technique to segregate their data center (DC) networks per each network domains; for examples of domain such as Operation, Administration & Management (OAM), signaling, roaming, and user traffic networks. Each VRF domain in the data center must also […]

Gain usage insights with Amazon CloudWatch metrics and Contributor Insights for AWS PrivateLink

We recently launched Amazon CloudWatch metrics for AWS PrivateLink. This feature publishes metrics for PrivateLink services and endpoints at 1-minute intervals at no cost to you. You can also use CloudWatch Contributor Insights to visualize usage against your PrivateLink services. This blog summarizes PrivateLink metrics, shows the metrics and filters in Amazon CloudWatch, and provides […]

Restricting access on HTTP API Gateway Endpoint with Lambda Authorizer

Customers use Amazon API Gateway APIs for critical production applications ranging from simple HTTP proxies to full-blown API management with request transformation, authentication, and validation. Starting in 2019, HTTP APIs have provided an enhanced alternative to the traditional API Gateway REST APIs, with HTTP APIs offering up to 60% latency reduction, 71% cost reduction, and […]

Well-Architecting online applications with CloudFront and AWS Global Accelerator

Introduction Worldwide, millions of customers are actively using AWS to build applications for every imaginable use case, with a variety of regions in which they can deploy infrastructure. An AWS Region is a physical location where AWS clusters data centers and operates regional services, like AWS Elastic Compute Cloud (EC2) and Amazon Simple Storage Service […]