Networking & Content Delivery

Writing and testing CloudFront Functions with production traffic

While maintaining a web application, sometimes we need to build a simple logic that must  run in low latency. For example, you may want to set up website redirection based on condition, or quickly verify an incoming header. CloudFront Functions is ideal for these use cases since it lets you write lightweight JavaScript code that […]

AWS Verified Access Integration with 3rd party identity providers

AWS Verified Access (AVA) offers a solution to the challenges faced by enterprises by managing remote workforce connectivity through traditional remote access VPNs. It allows remote employees to securely access corporate applications over the Internet while authenticating and authorizing each request. Unlike traditional VPN systems, which lack granularity for application-level authentication and authorization, AVA implements […]

Manual Failover and Failback Strategy with Amazon Route53

Introduction Customers use multi-region architecture to achieve application resiliency such as Active-Active or Disaster Recovery (DR). Depending on DR strategy, customers may need to have failover from one region to the next. DR strategies are covered off in detail in a prior AWS Blog. DR strategies include either an Active/Passive or Multi-Site Active/Active approaches. Active/Passive […]

World Cup 2022 – Amazon CloudFront retrospective

It was only just over a month ago, yet somehow it already feels like it could have been a dream. Following 4 action-packed weeks of soccer, capped by perhaps the greatest ever final of any major tournament, Lionel Messi lifted the World Cup aloft in the futuristic Lusail Stadium in Qatar. It was a World […]

Centralizing outbound Internet traffic for dual stack IPv4 and IPv6 VPCs

Organizations have been adopting IPv6 in their IPv4 environments to solve IP address exhaustion or meet compliance requirements. Since IPv6 isn’t backward compatible with IPv4, several mechanisms can facilitate communication between hosts that support one or both protocols. One common way is by using dual stack deployments. For architectures where dual stack deployments aren’t the […]

Reduce latency for end-users with multi-region APIs with CloudFront

As organizations grow, they must often serve geographically dispersed users with low latency, prompting them to have a distributed global infrastructure in the cloud. In this article, we describe how to deploy global API endpoints to reduce latency for end-users while increasing an application’s availability. By using the AWS Global Network and Amazon CloudFront to deploy applications into multiple […]

VPC Routing Enhancements and GWLB Deployment Patterns

At re:Invent 2020, AWS introduced  Gateway Load Balancer (GWLB), an AWS service that helps you deploy, scale, and manage third-party virtual network appliances, such as firewalls, intrusion detection and prevention systems, and others. GWLB is a type of load balancer under the Elastic Load Balancing (ELB) family. Other load balancers within the ELB family include […]

Hybrid inspection architectures with AWS Local Zone

Hybrid inspection architectures with AWS Local Zones

Customers often ask about hybrid security inspection architecture patterns for latency-sensitive applications, where they want to run their workloads inside of AWS Local Zones, to perform security inspection but without compromising latency. In this post, we share some hybrid inspection architectures with traffic flows, where both workloads and security inspection appliances run inside of the […]

Monitoring EC2 Connection Tracking utilization using a new network performance metric

In 2020, Amazon Elastic Compute Cloud (Amazon EC2) announced new network performance metrics for EC2 instances made available using ENA driver and Amazon CloudWatch agent. We covered the launch in this post. These network performance metrics give customers visibility into the number of packets queued or dropped when an instance’s networking allowances, such as Network […]

Introducing multi-function packager, allowing more than one function per event trigger on Amazon CloudFront

In this post, you’ll learn about the ‘multi-function packager’ framework that handles the assembly and execution of discrete Edge functions. Amazon CloudFront is a content delivery network (CDN) service that improves the performance, availability, and security of your application, allowing you to serve a consistent experience to your viewers globally. Lambda@Edge and CloudFront Functions are the […]