Category: Thought Leadership

A key challenge for SaaS providers is designing secure, scalable tenant routing mechanisms to identify tenants and route requests to appropriate resources. Effective tenant routing ensures isolation, scalability, and security. This post explores strategies for routing HTTP requests in multi-tenant SaaS environments on AWS, including considerations, best practices, and example scenarios. For routing strategies at […]

Update: June 28, 2024 – Corrections were made to Figure 5 and the subsequent packet walkthrough.  AWS Cloud WAN is a managed wide-area networking (WAN) service that you can use to build and operate wide area networks that connect your data centers and branch offices, as well as your Amazon Virtual Private Cloud (Amazon VPC) […]

Elastic Load Balancing (ELB) offers four types of load balancers, all featuring high availability, automatic scaling, and robust security support for your applications: Application Load Balancer (ALB), Network Load Balancer (NLB), Gateway Load Balancer (GWLB), and Classic Load Balancer (CLB). ELB automatically scales up and down, and scales in and out in response to traffic […]

An update was made on April 11th, 2024, outlining deployment procedure. This post guides you through setting up the networking layer for a multi-Region active-active application architecture on AWS using latency-based routing in Amazon Route 53 with Amazon CloudFront to deliver a low-latency, reliable experience for your users. Building active-active architectures using AWS networking services improves […]

Amazon VPC IP Address Manager (IPAM) is a VPC feature that allows you to plan, track, and monitor IP addresses for your AWS workloads. Until now, VPC IPAM allowed you to allocate CIDR blocks and monitor them at the VPC level. With a recent feature enhancement in VPC IPAM, you can now manage CIDR allocations […]

Amazon Web Services (AWS) customers can use the AWS global infrastructure to deploy workloads to multiple AWS Regions. They can create global networks that span multiple AWS Regions to connect these workloads to each other and to on-premises networks. A common design pattern is to use a central networking AWS account to own shared network resources, such as AWS Transit […]

In this blog post, we will discuss how you can setup VPN-less secure access to your corporate applications if you are using Security Assertion Markup Language (SAML) based identity providers (IdPs). We will also provide guidance if you have already invested in integrating third-party IdPs with AWS IAM Identity Center (successor to AWS Single Sign-On), […]

In multi-Region AWS Cloud WAN deployments, customers deploy centralized architectures for use cases such as traffic inspection, hybrid connectivity (using AWS Transit Gateways and AWS Direct Connect), and internet egress. For internet egress, you may use a single egress VPC per AWS Region or per geography (collection of AWS Regions), for example, Americas (AMER GEO), […]

AWS provides hundreds of services to help you easily deploy resources and applications globally in minutes. This helps you rapidly expand your customer base across the world. At the time of writing this post, the AWS Cloud spans 102 Availability Zones (AZs) within 32 geographic AWS Regions around the world. As AWS is continuously growing, […]

An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, and the need to provide service availability to IPv6-only clients. While undergoing this transformation, customers sometimes find it difficult to assess application behavior in IPv6-enabled environments on AWS. In this blog post, we show […]