Category: Networking & Content Delivery

This post shows how to integrate and automate network testing as part of AWS infrastructure deployment. We will show you how to use a new tool, Infrastructure as Code (IaC) Network Tester, to perform connectivity testing between a source resource and a destination resource in Virtual Private Cloud (VPC). It supports testing resources deployed via AWS Management Console, SDK, Command Line Interface (CLI) or via a CI/CD pipeline.

Introduction Many AWS customers use multiple AWS Accounts to make it easier to manage permissions and allocate costs to different groups or departments. When multiple accounts share one AWS Direct Connect interface, customers need to understand how Port-hour and outgoing Data Transfer costs are allocated. These accounts may be independent, or part of the same AWS […]

CloudFront Functions is a new serverless scripting capability that allows you to run JavaScript code at more than 225 Amazon CloudFront edge locations to perform lightweight HTTP transformations and customize content delivery. This blog details our security journey and the controls we put in place to make CloudFront Functions raise the security bar when it comes to edge computing capabilities.

If your network architecture is complex, and you’d like to quickly identify application connectivity issues due to infrastructure changes, then the new Amazon Virtual Private Cloud (VPC) Reachability Analyzer can help. Often times, it is not always clear if changes to VPC infrastructure are affecting connectivity to applications and other AWS services. By implementing automated […]

AWS Direct Connect now supports MACsec security (IEEE 802.1AE), giving you a new option for securing your data from when it leaves your network until it arrives at AWS. With this release, Direct Connect delivers native, near line-rate, and point-to-point encryption for 10 Gbps and 100 Gbps links. Available at select locations for dedicated connections […]

In this blog post, we will present an approach to starting small and testing the benefits of AWS Global Accelerator before determining if you would like to transition to a full Global Accelerator enhanced application. Similarly, if you are interested in performing A/B testing or looking for a rolling deployment method for the Global Accelerator, this blog […]

AWS Direct Connect is a networking service that provides an alternative to connecting to AWS over the internet. When you use AWS Direct Connect, your network traffic bypasses the internet entirely and is instead delivered through a private network connection to AWS. In many circumstances, this can reduce costs, increase bandwidth, and provide more consistent […]

Introduction It has been over 2 years since we launched VPC sharing at re:Invent 2018. I previously wrote about this capability in a “VPC sharing: A new approach to multiple accounts and VPC management” blog post. That blog covers everything you need to know about where to start, the benefits of VPC sharing, and why we decided […]

Many organizations want to replay production traffic to a test environment, with no impact on the end user’s experience. This is known as traffic mirroring or traffic shadowing. Testing the new version of a workload with production traffic is a key step for a successful release. Some tests use scripted requests, but real traffic is […]

Introduction There are many services that help you configure network security within your Amazon Virtual Private Cloud (VPC), including security groups (SGs), network access control lists (network ACLs), and the AWS Network Firewall. These services inspect and filter network traffic, but they do not apply to DNS queries provided by Route 53 Resolver, potentially allowing […]