AWS Application Networking
AWS offers a wide range of application networking services to help connect and secure your applications. The AWS application networking portfolio includes load balancing (Elastic Load Balancing (ELB)), connectivity options (such as AWS PrivateLink), simplified application-level connectivity across all compute types (Amazon VPC Lattice), and managed API-specific support (Amazon API Gateway). These services work together with other AWS Networking services, to provide reliability, end-to-end visibility, and layered security to your applications, with rich customization and automation capabilities. With an extensive set of features tested and fine-tuned by running some of the world's largest applications in production, AWS application networking solutions reduce complexity for developers, while still being highly customizable for networking experts. Whether you need to scale up, or handle complex network architectures across multiple locations, AWS application networking can help you remove time-consuming work, so you can focus on innovation.
Defense in Depth
At AWS, security is a top priority. While AWS takes care of securing the hardware and physical infrastructure used to route your applications' data, you are responsible for defining access to those applications. Application networking security is a subset of your overarching security posture that focuses on three primary areas: internet connectivity, cross-account access, and improved security within your accounts. To simplify securing your applications, AWS provides policy-based authentication and authorization, automated certification creation, and faster key rotation as part of a portfolio of managed application networking services. Use AWS application networking services to secure ingress and egress to your application with layered encryption, logically defined boundaries, and permissions enforced through context-rich authorization and authentication.
Choice & Flexibility
AWS application networking services provide you with the flexibility to build your applications how you want, with native support for AWS and the third-party vendors you use today. Whether you are a networking administrator or a service developer, AWS has tailor-made managed networking services to support your preferred mode of compute (EC2, containers/Kubernetes, serverless, etc.), and networking protocols (HTTP(S), gRPC, WebSocket, TLS, UDP, TCP, IP, etc.). Choose how much, or how little, you want to offload security, connectivity, and translation work from your application with options to fully run your application in EC2, offload load balancing using ELB, or get fully managed application networking service support with Amazon VPC Lattice.
Managed infrastructure and service support
AWS builds and manages application networking services and physical infrastructure, so you don’t have to. For the last 17 years, our engineers have focused on innovation and continuously improving our services, so that we can provide the world’s most reliable global cloud infrastructure. This has led to us creating robust services and custom hardware that help you more easily build applications, scale elastically, and reduce costs. Our application networking services offer a 99.99% multi-AZ deployment SLAs and 99.9% single AZ SLAs. You can use these services to further improve your applications’ availability by pre-configuring how you want your applications to recover in different failure modes, such as bad application deployments. AWS application networking services offer options for both automatic recovery or customizable remediation using manual features.
Monitoring and Observability
Setup a standardized view across your application network stack with consistent metrics and logs. AWS logs provide granular detail into each service, including specific user actions, if your application allowed or denied a user, HTTP codes, traffic volume, and request latency. AWS application networking services work with an extensive ecosystem of internal tools and external vendors, like Splunk and DataDog, to help give insight and visibility into what is happening within your applications across both north-south and east-west traffic patterns. Use networking specific AWS tools like: VPC Flow Logs for monitoring the IP traffic across your architecture and Network Access Analyzer to identify unintended network access to resources in an Amazon VPC. You can then setup monitoring and observability pipelines using Amazon CloudWatch, AWS CloudTrail, and Amazon Kinesis Data Firehose.
Building modern applications
AWS application networking services are fine-tuned to support modern application building techniques, including microservice-based architectures with containers and Kubernetes, serverless applications, and EC2 instances. Connect and secure all of your applications without networking expertise required using simple polices with Amazon VPC Lattice and API Gateway, or customize a solution to your needs using ELB. With AWS application networking services, you get access to adaptive functionality inserted directly into your application traffic pathways, including load balancing, proxying, protocol translation, security, identity-based customization, monitoring, and faster remediation.
Migrating your applications to AWS
Application networking supports the connectivity and elastic capacity capabilities critical for you when migrating applications to AWS. By using ELBs for load balancing, your traditional applications can run on AWS while benefiting from simplified and improved deployment, availability, and performance. In many cases, the resources required to run your applications will also decrease due to the pay-as-you-go elasticity on AWS, along with security functionality such as authorization and authentication being offloaded from your applications to AWS managed networking services.
Setting up hybrid connectivity
AWS application network controls work across AWS and your on-premises locations for hybrid deployments, facilitating migration at your own pace. Secure connectivity with AWS Direct Connect for managed peering connectivity and AWS PrivateLink to connect to AWS without exposing traffic to the public internet. Resolve DNS queries using Amazon Route 53 Resolver, then manage traffic across both architectures using Network Load Balancer for networking traffic along with Application Load Balancer for application traffic. Finally, secure your deployments using Amazon VPC Lattice and IAM Roles Anywhere for service-to-service authorization and authentication. For added security, you can insert AWS Network Firewall into your traffic pathways to inspect traffic, or insert custom and third-party firewalls using Gateway Load Balancer.
AltusGroup uses Amazon VPC Lattice is simplify their networking across accounts.
Unique vision accelerated your rate of deployment with Amazon VPC Lattice.
Instantly get access to the AWS Free Tier.
Start building hybrid connections to your VPC in the AWS console.