Category: AWS PrivateLink

The Amazon Web Services (AWS) commitment to safe, transparent, and responsible artificial intelligence (AI)—including generative AI—is reflected in our endorsement of the White House Voluntary AI Commitments, our participation in the UK AI Safety Summit, and our dedication to providing customers with features that address specific challenges in this space. In this post, we explore how AWS can help agencies address the governance requirements outlined in the Office of Management and Budget (OMB) memo M-2410 as public sector entities look to build internal capacity for AI.

AWS GovCloud (US) was architected to have isolation (both physically and logically) from other AWS partitions for compliance. For this reason, AWS services, used to privately interconnect virtual private cloud (VPC) hosted resources within the same partition like AWS PrivateLink, Amazon Virtual Private Cloud (Amazon VPC) peering, or AWS Transit Gateway peering, cannot span from AWS GovCloud (US) to commercial Regions natively by design. In this post, we will highlight four connectivity patterns customers can use to interconnect VPC hosted systems cross partition.

Common Securitization Solutions (CSS), a joint Freddie Mac and Fannie Mae venture launched in 2013, supports a cornerstone of the American economy: home ownership. CSS built and now operates the largest and most advanced mortgage securitization platform in the US, supporting Freddie Mac and Fannie Mae’s 70 percent market share of the industry with flexibility, scalability, and security at its core. Read this blog post to learn how CSS uses Amazon Web Services (AWS) to power their solutions in the cloud.

In the digital age, universities face increasing cyber threats that put valuable data at risk. The University of New South Wales (UNSW) is taking proactive measures to address this growing concern. Read this blog post to learn how UNSW is collaborating with Amazon Web Services (AWS) to modernize its IT infrastructure and bolster cybersecurity defenses as part of its cloud transformation program.

In July 2021, the U.S. Department of Defense (DoD) released a cloud native access point (CNAP) reference design that follows zero trust architecture (ZTA) principles and provides a new approach to access mission owner (MO) applications. The DoD’s reference design discusses four core capabilities of CNAP: authenticated and authorized entities (C1), authorized ingress (C2), authorized egress (C3), and security monitoring and compliance enforcement (C4). In this blog post, we walk through how to establish the C2 component via a virtual internet access point (vIAP) with AWS. The proposed architectures can reduce operational cost and management overhead, while improving the accessibility, resiliency, and security of mission owner applications.

The Newfoundland and Labrador Centre for Health Information (NLCHI) provides quality information to health professionals, the public, researchers, and health system decision makers. Through collaboration with the health system, NLCHI supports the development of data and technical standards, maintains key health databases, carries out analytics and evaluation, and supports health research. This post details how NLCHI is able to provide secure and scalable access to their on-premises provincial electronic health record (EHR) system, by trusted and authorized partners who run on AWS, through the use of AWS PrivateLink, Network Load Balancer, and AWS Site-to-Site VPN.