AWS Cloud Operations Blog
Category: Networking & Content Delivery
Planning Migrations to successfully incorporate Generative AI
The recent rise of generative artificial intelligence (generative AI) solutions presents challenges to migrations that are in flight and to migrations that are just beginning. The business problem is that generative AI complicates cloud migrations by introducing additional risks related to data isolation, data sharing, and service costs. For example, the US Space Force has […]
How EverQuote Underwent a Serverless Transformation using AWS
This post is co-written with Conor Teer, Senior Software Engineer, at EverQuote, David Kelly, Principal Software Engineer at EverQuote, and Mark O’Connell, SVP of Engineering at EverQuote. EverQuote is a leading online insurance marketplace that helps protect life’s most important assets- family, property, and future by simplifying the experience of shopping for insurance, making it […]
Securing Elastic IP addresses from accidental release
Have you wondered what are the best practices in safeguarding your infrastructure from unintended release of Elastic IP addresses? In this blog, we are providing a few proactive self-service solutions to streamline IP handling and obtaining a robust environment for critical applications. Before diving into the solution, let us revisit some key concepts of AWS […]
Building a central Amazon CloudWatch Dashboard to monitor Lambda@Edge logs and metrics
Introduction Lambda@Edge is a powerful feature of Amazon CloudFront that allows you to execute serverless code closer to your application users, resulting in improved performance and reduced latency. By distributing Lambda@Edge functions to edge locations worldwide, AWS ensures that the code executes closer to end users, providing faster response times. Moreover, the serverless nature of […]
How to grant least privilege access to third-parties on your private EC2 instances with AWS Systems Manager
AWS Systems Manager Session Manager provides a more secure way to manage your Amazon Elastic Compute Cloud (EC2) instances without the need to open inbound ports, maintain bastion hosts, or manage SSH keys. Furthermore, you can use it with a combination of AWS services to give access to external third-parties. Due to business requirements, you […]
Announcing inbound network access control in Amazon Managed Grafana
Many customers that use Amazon Managed Grafana have a need to restrict the Grafana workspace public access and enable fine-grained control to allow which traffic sources can reach the Grafana workspace. Today, we are announcing Amazon Managed Grafana’s new feature that supports inbound network access control. This enables you to secure Grafana workspaces using VPC […]
How Thomson Reuters used Amazon CloudWatch to improve availability and operational efficiency of Directory Services
Thomson Reuters Corporation (TR) is a Canadian multinational media company that provides critical online and print information, know-how, decision making tools, software, and services for the legal industry. TR’s Tax and Accounting business serves law firms, tax and accounting firms, global trade organizations, educational institutions, and more. Thomson Reuters operates in more than 100 countries […]
Amazon Managed Service for Prometheus now offers VPC endpoint policy support
Today, Amazon Managed Service for Prometheus announces support for Amazon Virtual Private Cloud (Amazon VPC) endpoint policies. With VPC endpoint policy support, customers can now further control access to Amazon Managed Service for Prometheus through restricting user access or allowable actions. Amazon Managed Service for Prometheus is a fully managed Prometheus-compatible monitoring service that monitors and alarms on […]
How to enable VPC Flow Logs automatically using AWS Config rules
This post discusses an automated process for enabling Amazon Virtual Private Cloud (Amazon VPC) Flow Logs using AWS Config rule remediation. Customers use Amazon VPC Flow logs to capture information about the IP traffic going to and from network interfaces in an Amazon VPC. You can deploy this solution with the help of AWS Control […]
Automate time series network visualizations for AWS PrivateLink using Amazon CloudWatch Contributor Insights
AWS PrivateLink is a highly available, scalable technology that lets you connect your Amazon Virtual Private Cloud (VPC) to supported AWS services without requiring public internet traversal. It also lets you privately connect to services hosted by other AWS accounts (VPC endpoint services) and supported AWS Marketplace partner services. Amazon CloudWatch Contributor Insights is a […]