Networking & Content Delivery

Building Multi-Region AWS Client VPN with AWS Directory Service and Amazon Route 53

Building Multi-Region AWS Client VPN with Microsoft Active Directory and Amazon Route 53

Introduction Organizations often require a secure connection between their users and resources on internal networks. For organizations with a global workforce, traditional virtual private network (VPN) solutions can be difficult to scale. Providing a single VPN endpoint creates a single point of failure: an outage would mean loss of connectivity to critical IT infrastructure. Authenticating […]

Building highly resilient applications using Amazon Route 53 Application Recovery Controller, Part 1: Single-Region stack

This is the first of a two-part blog post series that shows how the recently launched Amazon Route 53 Application Recovery Controller (Route 53 ARC) service allows you to centrally coordinate failovers and recovery readiness of your application. Using Route 53 ARC with a sample single-Region and multi-Region infrastructure stack, this post provides guidance for […]

Amazon CloudFront introduces Response Headers Policies

Introduction Amazon CloudFront is a content delivery network (CDN) that delivers static and dynamic web content using a global network of edge locations. Customers benefit from better performance, reliability, and increased security of their web applications by including CloudFront in their architecture. The ability to easily modify and manage response headers has been a common […]

Serving compressed WebGL websites using Amazon CloudFront, Amazon S3 and AWS Lambda

In this post, you will learn how to deliver compressed WebGL websites to your end users. When requested webpage objects are compressed, the transfer size is reduced, leading to faster downloads, lower cloud storage fees, and lower data transfer fees. Improved load times also directly influence the viewer experience and retention, which will help you […]

Enabling granular operational visibility for CloudFront with CloudWatch

Amazon CloudFront is a content delivery network (CDN) that delivers static and dynamic web content using a global network of edge locations. CloudFront integrates natively with Amazon CloudWatch to provide monitoring and observability capabilities. With the introduction of CloudFront real-time logs, it is now possible to create highly granular custom metrics in CloudWatch to view […]

Dual-stack IPv6 architectures for AWS and hybrid networks

Introduction An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, especially within large-scale networks, and the need to provide service availability to IPv6-only clients. An intermediary step in the path to fully supporting IPv6 are dual-stack IPv4/IPv6 designs, which leverage both versions of […]

Secure hybrid access to Amazon S3 using AWS PrivateLink

AWS PrivateLink for Amazon S3 enables on-premises applications to privately and securely access Amazon S3 over AWS Direct Connect private virtual interface or AWS Site to Site VPN. The Interface VPC Endpoints for Amazon S3 allow security administrators to control which users can access which data in S3 from on premises and cross-Region using their […]

Target Group Load Shedding for Application Load Balancer

Load Shedding Load shedding is the practice of sacrificing enough application traffic to keep partial availability in the presence of an overload condition. Used in conjunction with strategies like load balancing, load shedding helps applications support service level agreements (SLAs) when increased traffic overwhelms available system resources. While the cloud’s elasticity reduces the need for […]

Complying with city-level embargos using Amazon CloudFront

Introduction You may run into occasions where, due to sanctions from governmental organizations like OFAC (Office of Foreign Assets Control), you need to implement granular city-level embargos for your websites. This blog will walk you through an approach to achieving this using Amazon CloudFront geolocation headers and Amazon CloudFront Functions. Note that geographical restrictions at […]

Application Load Balancer-type Target Group for Network Load Balancer

(April 25, 2024) Clarification – AWS PrivateLink does not currently support UDP.   Application Load Balancer (ALB) is a fully managed layer 7 load balancing service that load balances incoming traffic across multiple targets, such as Amazon EC2 instances. ALB supports advanced request routing features based on parameters like HTTP headers and methods, query string, […]