AWS Networking and Content Delivery
AWS Networking and Content Delivery is a globally distributed network of web servers or Points of Presence whose purpose is to provide faster content delivery. The content is replicated and stored throughout the CDN so the users can access the data that is stored at a location that is geographically closest to the user. This is different (and more efficient) than the traditional method of storing content on just one, central server. A client accesses a copy of the data near to the client, as opposed to all clients accessing the same central server, in order to avoid bottlenecks near that server.
Amazon Virtual Private Cloud (Amazon VPC) lets AWS clients provision a logically isolated section of the AWS Cloud where they can launch AWS resources in a virtual network that they define. Customers have complete control over their virtual networking environment, including a selection of their own IP address range, creation of subnets, and configuration of route tables and network gateways. customers can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications; easily customize the network configuration for their VPC; leverage multiple layers of security (including security groups and network access control lists) to help control access to EC2 instances in each subnet; and create a hardware virtual private network (VPN) connection between customers corporate data center and their VPC and leverage the AWS Cloud as an extension of the corporate data center.
Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment. CloudFront is integrated with AWS – both physical locations that are directly connected to the AWS global infrastructure, as well as other AWS services. CloudFront works seamlessly with services including AWS Shield for DDoS mitigation, Amazon S3, Elastic Load Balancing or Amazon EC2 as origins for customers applications, and Lambda@Edge to run custom code closer to customers’ users and to customize the user experience.
AWS clients can get started with the Content Delivery Network in minutes, using the same AWS tools such as: APIs, AWS Management Console, AWS CloudFormation, CLIs, and SDKs. Amazon’s CDN offers a simple, pay-as-you-go pricing model with no upfront fees or required long-term contracts, and support for the CDN.
Amazon Route 53
Amazon Route 53 is a highly available and scalable cloud Domain Name System (DNS) web service. It is designed to give developers and businesses an extremely reliable and cost-effective way to route end users to Internet applications by translating human readable names, such as www.amazonbate.com, into the numeric IP addresses, such as 126.96.36.199, that computers use to connect to each other. Amazon Route 53 is fully compliant with IPv6 as well. Amazon Route 53 effectively connects user requests to infrastructure running in AWS—such as EC2 instances, Elastic Load Balancing load balancers, or Amazon S3 buckets—and can also be used to route users to infrastructure outside of AWS.
AWS customers can use Amazon Route 53 to configure DNS health checks to route traffic to healthy endpoints or to independently monitor the health of the application and its endpoints. Amazon Route 53 traffic flow makes it easy for customers to manage traffic globally through a variety of routing types, including latency-based routing, Geo DNS, and weighted round robin—all of which can be combined with DNS Failover in order to enable a variety of low-latency, fault-tolerant architectures. Using Amazon Route 53 traffic flow’s simple visual editor, clients can easily manage how the end users are routed to their application’s endpoints—whether in a single AWS Region or distributed around the globe. Route 53 also offers Domain Name Registration—customers can purchase and manage domain names such as example.com and Amazon Route 53 will automatically configure DNS settings for their domains.
AWS PrivateLink simplifies the security of data shared with cloud-based applications by eliminating the exposure of data to the public Internet. AWS PrivateLink provides private connectivity between VPCs, AWS services, and on-premises applications, securely on the Amazon network. AWS PrivateLink makes it easy to connect services across different accounts and VPCs to significantly simplify the network architecture.
AWS Direct Connect
AWS Direct Connect makes it easy to establish a dedicated network connection from customers premises to AWS. Using AWS Direct Connect, customers can establish private connectivity between AWS and their data center, office, or co-location environment, which in many cases can reduce the network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. AWS Direct Connect lets customers establish a dedicated network connection between their network and one of the AWS Direct Connect locations. Using industry standard 802.1Q virtual LANS (VLANs), this dedicated connection can be partitioned into multiple virtual interfaces. This allows customers to use the same connection to access public resources, such as objects stored in Amazon S3 using public IP address space, and private resources such as EC2 instances running within a VPC using private IP address space, while maintaining network separation between the public and private environments.
AWS Global Accelerator
AWS Global Accelerator is a networking service that improves the availability and performance of the applications that you offer to your global users. AWS Global Accelerator uses the highly available and congestion-free AWS global network to direct internet traffic from your users to customers applications on AWS, making their users’ experience more consistent. To improve the availability of customers application, they must monitor the health of their application endpoints and route traffic only to healthy endpoints. AWS Global Accelerator improves application availability by continuously monitoring the health of users application endpoints and routing traffic to the closest healthy endpoints. AWS Global Accelerator also makes it easier to manage customers global applications by providing static IP addresses that act as a fixed entry point to their application hosted on AWS. AWS Global Accelerator is easy to set up, configure and manage.
Amazon API Gateway
Amazon API Gateway is a fully managed service that makes it easy for developers to create, publish, maintain, monitor, and secure APIs at any scale. With a few clicks in the AWS Management Console, AWS ccustomers can create an API that acts as a “front door” for applications to access data, business logic, or functionality from their back-end services, such as workloads running on Amazon EC2, code running on AWS Lambda, or any web application. Amazon API Gateway handles all the tasks involved in accepting and processing up to hundreds of thousands of concurrent API calls, including traffic management, authorization and access control, monitoring, and API version management.
AWS Transit Gateway
AWS Transit Gateway is a service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway. Customers can connect pairs of Amazon VPCs using peering. However, managing point-to-point connectivity across many Amazon VPCs, without the ability to centrally manage the connectivity policies, can be operationally costly and cumbersome. For on-premises connectivity, they need to attach their AWS VPN to each individual Amazon VPC. This solution can be time consuming to build and hard to manage when the number of VPCs grows into the hundreds. With AWS Transit Gateway, AWS clients only have to create and manage a single connection from the central gateway in to each Amazon VPC, on-premises data center, or remote office across their network.
Transit Gateway acts as a hub that controls how traffic is routed among all the connected networks which act like spokes. This hub and spoke model significantly simplifies management and reduces operational costs because each network only has to connect to the Transit Gateway and not to every other network. Any new VPC is simply connected to the Transit Gateway and is then automatically available to every other network that is connected to the Transit Gateway. This ease of connectivity makes it easy to scale customers network as you grow.