Networking & Content Delivery

Deploy centralized traffic filtering using AWS Network Firewall

In this blog, we will walk through the steps to accelerate your centralized deployment of AWS Network Firewall using a new deployment automation solution—AWS Network Firewall deployment automation for AWS Transit Gateway. We will also discuss common use cases for AWS Network Firewall in a centralized architecture that uses AWS Transit Gateway. Though this post […]

Read More

Accessing an AWS API Gateway via static IP addresses provided by AWS Global Accelerator

Introduction In this article, I will walk you through the steps to configure Amazon API Gateway in combination with AWS Global Accelerator to present Internet-facing API via static IP addresses to end users. This design addresses the need for static IP safelisting and also provides additional performance benefits to end users by sending user’s traffic […]

Read More

Automating service discovery using AWS Transit Gateway Multicast with IGMP

This post will describe how to use multicast and Internet Group Management Protocol (IGMP), two of the newer features of AWS Transit Gateway, to enable applications and services to discover each other automatically when running in Amazon Virtual Private Cloud (Amazon VPC) environments. Service discovery means that a service client, such as a network file […]

Read More

Monitoring AWS Transit Gateway route limits using a serverless architecture

AWS Transit Gateway simplifies your network and puts an end to complex peering relationships. It acts as a cloud router and scales elastically based on the volume of network traffic. It can centralize connections (known as attachments) from your on-premises networks, and attach to Amazon Virtual Private Clouds (VPC) Virtual Private Networks (VPN), AWS Direct […]

Read More

Moving towards DevOps CI/CD approach to configure and manage AWS networking resources

Introduction Organizations are moving from traditional monolithic data center networks to an agile application programming interface (API) driven cloud network. As a result, customers are looking for an efficient and reliable way to make changes to their cloud network infrastructure. They want to adopt a pipeline driven approach to make any network changes following DevOps […]

Read More

Improve throughput for internet facing file transfers using AWS Global Accelerator and AWS Transfer Family services

Remote work has become more common over the last couple of years. For IT teams, this accelerated the need to support the secure distribution and collection of files and software updates for global teams in multiple locations. Additionally, organizations continue to partner with vendors or 3rd parties to distribute or collect data for analytics or […]

Read More

Integrating Network Connectivity Testing with Infrastructure Deployment

This post shows how to integrate and automate network testing as part of AWS infrastructure deployment. We will show you how to use a new tool, Infrastructure as Code (IaC) Network Tester, to perform connectivity testing between a source resource and a destination resource in Virtual Private Cloud (VPC). It supports testing resources deployed via AWS Management Console, SDK, Command Line Interface (CLI) or via a CI/CD pipeline.

Read More

Understanding AWS Direct Connect multi-account pricing

Introduction Many AWS customers use multiple AWS Accounts to make it easier to manage permissions and allocate costs to different groups or departments. When multiple accounts share one AWS Direct Connect interface, customers need to understand how Port-hour and outgoing Data Transfer costs are allocated. These accounts may be independent, or part of the same AWS […]

Read More

CloudFront Functions – A New Security Paradigm for CDN Edge Computing

CloudFront Functions is a new serverless scripting capability that allows you to run JavaScript code at more than 225 Amazon CloudFront edge locations to perform lightweight HTTP transformations and customize content delivery. This blog details our security journey and the controls we put in place to make CloudFront Functions raise the security bar when it comes to edge computing capabilities.

Read More
Title image for Automating Connectivity assessments with VPC Reachability Analyzer

Automating connectivity assessments with VPC Reachability Analyzer

If your network architecture is complex, and you’d like to quickly identify application connectivity issues due to infrastructure changes, then the new Amazon Virtual Private Cloud (VPC) Reachability Analyzer can help. Often times, it is not always clear if changes to VPC infrastructure are affecting connectivity to applications and other AWS services. By implementing automated […]

Read More