Networking & Content Delivery
Category: Networking & Content Delivery
Amazon CloudFront introduces Response Headers Policies
Introduction Amazon CloudFront is a content delivery network (CDN) that delivers static and dynamic web content using a global network of edge locations. Customers benefit from better performance, reliability, and increased security of their web applications by including CloudFront in their architecture. The ability to easily modify and manage response headers has been a common […]
Serving compressed WebGL websites using Amazon CloudFront, Amazon S3 and AWS Lambda
In this post, you will learn how to deliver compressed WebGL websites to your end users. When requested webpage objects are compressed, the transfer size is reduced, leading to faster downloads, lower cloud storage fees, and lower data transfer fees. Improved load times also directly influence the viewer experience and retention, which will help you […]
Enabling granular operational visibility for CloudFront with CloudWatch
Amazon CloudFront is a content delivery network (CDN) that delivers static and dynamic web content using a global network of edge locations. CloudFront integrates natively with Amazon CloudWatch to provide monitoring and observability capabilities. With the introduction of CloudFront real-time logs, it is now possible to create highly granular custom metrics in CloudWatch to view […]
Dual-stack IPv6 architectures for AWS and hybrid networks
Introduction An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, especially within large-scale networks, and the need to provide service availability to IPv6-only clients. An intermediary step in the path to fully supporting IPv6 are dual-stack IPv4/IPv6 designs, which leverage both versions of […]
Secure hybrid access to Amazon S3 using AWS PrivateLink
AWS PrivateLink for Amazon S3 enables on-premises applications to privately and securely access Amazon S3 over AWS Direct Connect private virtual interface or AWS Site to Site VPN. The Interface VPC Endpoints for Amazon S3 allow security administrators to control which users can access which data in S3 from on premises and cross-Region using their […]
Target Group Load Shedding for Application Load Balancer
Load Shedding Load shedding is the practice of sacrificing enough application traffic to keep partial availability in the presence of an overload condition. Used in conjunction with strategies like load balancing, load shedding helps applications support service level agreements (SLAs) when increased traffic overwhelms available system resources. While the cloud’s elasticity reduces the need for […]
Complying with city-level embargos using Amazon CloudFront
Introduction You may run into occasions where, due to sanctions from governmental organizations like OFAC (Office of Foreign Assets Control), you need to implement granular city-level embargos for your websites. This blog will walk you through an approach to achieving this using Amazon CloudFront geolocation headers and Amazon CloudFront Functions. Note that geographical restrictions at […]
Application Load Balancer-type Target Group for Network Load Balancer
(April 25, 2024) Clarification – AWS PrivateLink does not currently support UDP. Application Load Balancer (ALB) is a fully managed layer 7 load balancing service that load balances incoming traffic across multiple targets, such as Amazon EC2 instances. ALB supports advanced request routing features based on parameters like HTTP headers and methods, query string, […]
Automate Networking foundation in multi-account environments
As AWS customers adopt multi-account strategies, they need to have cross-account networking in their AWS environment. They also need to extend their network across multiple AWS Regions when creating multi-Region applications or disaster recovery environments. AWS has many services and features that allow you do to exactly that with great flexibility. But for users that […]
Building an Open Source IDS IPS service for Gateway Load Balancer
The Gateway Load Balancer (GWLB) service launched with support from the partner network. These partners provide networking appliances that enable customers to perform varying levels of packet inspection on flows that pass through them, taking action as necessary and as defined within their configuration. For a list of partners that support GWLB, refer to the […]