© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Summit

Planning advanced AWS networking architectures
SVC304

Bhavin Desai
Senior solutions architect
Amazon Web Services

Pratik Mankad
Partner solutions architect
Amazon Web Services
Let's take a closer look

[Diagram: a single VPC (CIDR 10.1.0.0/16) in one AWS Region spanning Availability Zone 1 and Availability Zone 2, each with a public subnet and a private subnet. Instance A (10.1.0.11/24) and Instance B (10.1.1.11/24) sit in the public subnets and carry Elastic IPs (10.1.0.11 : 54.23.12.43 and 10.1.1.11 : 54.19.12.23); Instance C (10.1.2.11/24) and Instance D (10.1.3.11/24) sit in the private subnets, whose 0.0.0.0/0 traffic is sent to a NAT gateway (NAT-GW) in each AZ. Also attached to the VPC: an internet gateway (IGW) to the internet, a gateway VPC endpoint (VPCE) to Amazon S3, a virtual private gateway (VGW) terminating a VPN and a Direct Connect gateway (DXGW) to on premises, an intra- or inter-region VPC peering connection (PCX) to VPC-B, VPC Flow Logs, AWS PrivateLink to a service provider VPC fronted by an NLB and to PrivateLink-enabled services (Amazon DynamoDB, AWS Lambda, Amazon SQS, Amazon SNS, AWS IoT, Amazon CloudWatch), and "Other routes -> TGW" pointing at an AWS Transit Gateway. Annotation: "+ Expand + IPv6".]

Route table with a default route to the IGW (public subnets)
Destination      Target
10.1.0.0/16      Local
0.0.0.0/0        IGW
S3.prefix.list   VPCE-123
On premises      VGW
VPC-B            PCX-123

Route table without a default route
Destination      Target
10.1.0.0/16      Local
S3.prefix.list   VPCE-123
On premises      VGW
VPC-B            PCX-123
What is AWS Transit Gateway?
A gateway that provides simple, scalable, and secure connectivity across networks.
Before AWS Transit Gateway
[Diagram: AWS Cloud]
Interconnecting VPCs at scale—Peering
[Diagram: AWS Cloud]
• Connecting a large number of VPCs in a mesh is challenging to manage
• Connecting on-premises networks to each new VPC can take weeks to months to implement due to the customer's internal processes
Interconnecting VPCs at scale—AWS Transit Gateway
[Diagram: AWS Cloud]
Single VPN with AWS Transit Gateway
[Diagram: AWS Cloud]
AWS Transit Gateway
Benefits
• Centrally interconnect multiple VPCs across accounts
• One central connection point for VPN and Direct Connect
• Reduce or eliminate the need for peer-to-peer networking
• Increase VPN throughput via ECMP routing (50 Gbps+)
• Peer AWS Transit Gateway across regions
• Leverage the AWS Global Network for low-latency cross-region connectivity
• Regional construct reduces blast radius
• Reduces time to configure on-premises connectivity to AWS
• Easily monitor and manage from a central point
• Integrated with CloudWatch and VPC Flow Logs
• Leverage existing VPC security groups and network access control lists
*2H '19
AWS Transit Gateway use cases
Use case 1: Shared services with AWS Transit Gateway

[Diagram: an AWS Transit Gateway connecting spoke VPCs, a shared services VPC ("Shared services + VPN") and a VPN attachment, with the Transit Gateway route tables shown below.]

Route (CIDR)     Destination (attachment)
10.1.0.0/16      vpc-att-1xxxx
10.2.0.0/16      vpc-att-2xxxx

Route (CIDR)     Destination (attachment)
10.3.0.0/16      vpc-att-3xxxx
10.4.0.0/16      vpc-att-4xxxx

Route (CIDR)     Destination (attachment)
10.0.0.0/8       VPN
10.4.0.0/16      vpc-att-4xxxx

• VPCs attach to a route table with routes to shared resources
• Shared resources attach to a route table with routes to all resources
Use Case 2: Outbound internet with NAT Gateway

[Diagram: spoke VPC A (10.1.0.0/16) and VPC B (10.2.0.0/16) attach to an AWS Transit Gateway in a "VPC route domain" (spoke route table). An outbound VPC (100.64.0.0/16) with a NAT gateway (SNAT) in each AZ attaches in a separate "Outbound route domain" (outbound VPC route table). Annotation: "Apply SNAT outbound to the internet".]

VPC attachment route table, per AZ (VPC B subnet)
Route (CIDR)     Destination (target)
10.2.0.0/16      Local
0.0.0.0/0        tgw-xxxxxxxxx

Outbound VPC subnet route table (default route to the IGW)
Route (CIDR)     Destination (target)
100.64.0.0/16    Local
10.0.0.0/8       tgw-xxxxxxxxx
0.0.0.0/0        igw-xxxxxxxxx

Outbound VPC subnet route table (default route to the NAT gateway)
Route (CIDR)     Destination (target)
0.0.0.0/0        ngw-xxxxxxx

Transit Gateway spoke route table
Route (CIDR)     Destination (attachment)
0.0.0.0/0        vpc-att-outbound

Transit Gateway outbound VPC route table
Route (CIDR)     Destination (attachment)
10.1.0.0/16      vpc-att-a
10.2.0.0/16      vpc-att-b
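The two use cases above are really an exercise in longest-prefix-match routing across several tables, so here is an added example (my code, not the deck's) that models them with the slides' own route entries. It traces a packet from VPC B through the spoke route domain, the outbound VPC and its NAT gateway to the IGW, and the reverse path back through the outbound route domain, and it applies the same lookup to the shared-services slide. Assumptions, not on the slides: the table "10.0.0.0/8 -> VPN, 10.4.0.0/16 -> vpc-att-4xxxx" is taken as the spoke VPCs' table in use case 1, the hop-by-hop wiring between tables and the location names (`vpc-b-subnet`, `tgw:spoke-domain`, ...) are mine, and the implicit local route is added to the attachment subnet table.

```python
# Added example (not from the AWS deck): longest-prefix-match model of the
# route tables on the "Outbound internet with NAT Gateway" slide and the spoke
# table from the "Shared services" slide. Route entries are the slides' own;
# the wiring between tables and the location names are assumptions.
import ipaddress
from typing import Dict, List, Optional, Tuple

Route = Tuple[str, str]  # (CIDR, target) exactly as printed in the slide tables


def lookup(table: List[Route], dst: str) -> Optional[str]:
    """Return the target of the most specific route matching dst, or None
    when no route matches (the packet is dropped)."""
    ip = ipaddress.ip_address(dst)
    best_net, best_target = None, None
    for cidr, target in table:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_target = net, target
    return best_target


# Use case 1 (shared services): assumed to be the table the spoke VPCs attach to.
SHARED_SERVICES_SPOKE_RT: List[Route] = [
    ("10.0.0.0/8", "VPN"),             # the rest of 10/8 lives on premises
    ("10.4.0.0/16", "vpc-att-4xxxx"),  # shared services VPC (more specific)
]

# Use case 2 (outbound internet): VPC subnet route tables from the slide.
VPC_B_SUBNET: List[Route] = [("10.2.0.0/16", "local"), ("0.0.0.0/0", "tgw-xxxxxxxxx")]
OUTBOUND_TGW_SUBNET: List[Route] = [
    ("100.64.0.0/16", "local"),        # implicit local route, assumed
    ("0.0.0.0/0", "ngw-xxxxxxx"),      # everything arriving from the TGW goes to NAT
]
OUTBOUND_NAT_SUBNET: List[Route] = [
    ("100.64.0.0/16", "local"),
    ("10.0.0.0/8", "tgw-xxxxxxxxx"),   # private space goes back through the TGW
    ("0.0.0.0/0", "igw-xxxxxxxxx"),    # internet via the IGW, after SNAT
]

# Use case 2: the two Transit Gateway route domains.
TGW_SPOKE_RT: List[Route] = [("0.0.0.0/0", "vpc-att-outbound")]
TGW_OUTBOUND_RT: List[Route] = [("10.1.0.0/16", "vpc-att-a"), ("10.2.0.0/16", "vpc-att-b")]

# Assumed wiring: each location consults one table; the listed targets hand the
# packet to another location, every other target (local, igw, vpc-att-*) is final.
TOPOLOGY: Dict[str, Tuple[List[Route], Dict[str, str]]] = {
    "vpc-b-subnet":        (VPC_B_SUBNET,        {"tgw-xxxxxxxxx": "tgw:spoke-domain"}),
    "tgw:spoke-domain":    (TGW_SPOKE_RT,        {"vpc-att-outbound": "outbound-tgw-subnet"}),
    "outbound-tgw-subnet": (OUTBOUND_TGW_SUBNET, {"ngw-xxxxxxx": "outbound-nat-subnet"}),
    "outbound-nat-subnet": (OUTBOUND_NAT_SUBNET, {"tgw-xxxxxxxxx": "tgw:outbound-domain"}),
    "tgw:outbound-domain": (TGW_OUTBOUND_RT,     {}),
}


def trace(start: str, dst: str) -> List[Tuple[str, Optional[str]]]:
    """Follow a packet from `start` towards `dst`, returning one (location,
    target) pair per hop. A None target means no route matched: dropped."""
    hops: List[Tuple[str, Optional[str]]] = []
    location = start
    for _ in range(len(TOPOLOGY) + 1):  # bounded, so a routing loop cannot hang us
        table, handoff = TOPOLOGY[location]
        target = lookup(table, dst)
        hops.append((location, target))
        if target is None or target not in handoff:
            return hops
        location = handoff[target]
    hops.append((location, "loop"))
    return hops


if __name__ == "__main__":
    for start, dst in [("vpc-b-subnet", "8.8.8.8"), ("outbound-nat-subnet", "10.2.0.11")]:
        print(f"{start} -> {dst}")
        for loc, tgt in trace(start, dst):
            print(f"   {loc:22} {tgt or 'DROP (no route)'}")
    print("spoke -> 10.4.1.10:", lookup(SHARED_SERVICES_SPOKE_RT, "10.4.1.10"))
    print("spoke -> 1.1.1.1:  ", lookup(SHARED_SERVICES_SPOKE_RT, "1.1.1.1"))
```

Two things the trace makes visible that the tables alone do not: internet-bound traffic from a spoke only ever leaves through the outbound VPC's NAT gateway (the spoke domain has a single default route and no IGW), and the outbound route domain carries no default route, so nothing arriving from the NAT subnet can be sent back out to the internet through the TGW. The spoke table from use case 1 shows the longest-match rule doing the segmentation work: 10.4.x.x wins the /16 to the shared services VPC while the rest of 10/8 goes to the VPN, and anything outside 10/8 has no route at all.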
Before
[Diagram: AWS Region 1 and AWS Region 2]

After
[Diagram: AWS Region 1 and AWS Region 2, both labelled with the same static IP 3.10.3.125]

Client state
Applications can keep state, with connections routed to the same endpoint after the initial connection.

AWS's global network
Traffic routed through AWS Global Accelerator traverses the AWS global network (instead of the public internet).

Static anycast IPs
Global Accelerator uses static IP addresses as a fixed entry point to your applications. These IP addresses are anycast from AWS edge locations.
What is AWS PrivateLink?
• Service-specific link between a consumer VPC and a provider VPC
  • Interface VPC endpoint in the consumer VPC
  • NLB as the service frontend in the provider VPC
• Three types of services accessible over AWS PrivateLink
  • AWS services
  • Customer-hosted internal services
  • Third-party services (SaaS)
Sharing a service with AWS PrivateLink: Advantages

[Diagram: provider side, a load balancer with private IP 10.10.1.6 published as an endpoint service (service name: com.amazonaws…); consumer side, a VPC endpoint.]

• One-way access
• Security group for the connection
• Support for overlapping addresses
• Share to thousands of VPCs
• Share a single service
AWS PrivateLink—How it works

[Diagram: consumer VPC 10.1.0.0/16 with subnets 10.1.1.0/24 and 10.1.2.0/24 in two Availability Zones; the interface endpoint has one address in each (10.1.1.127 and 10.1.2.35). Provider VPC 172.16.0.0/16 with subnets 172.16.1.0/24 and 172.16.2.0/24 in two Availability Zones and a Network Load Balancer in front of the API targets.]

• One IP address for each Availability Zone
• The endpoint is a local IP address
• Access is unidirectional
AWS PrivateLink—How it works

[Diagram: as before, now showing the Network Load Balancer's addresses 172.16.1.9 and 172.16.2.41 in the provider VPC, and a second consumer VPC that also uses 10.1.0.0/16 (subnets 10.1.1.0/24 and 10.1.2.0/24, endpoint addresses 10.1.1.162 and 10.1.2.22), continuing to ". . . thousands" of consumer VPCs.]

• Support for overlapping IP address ranges
• DNS names are created:
  • 1 FQDN for all IP addresses
  • Multiple FQDNs, one for each Availability Zone
VPC Endpoint: vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com
AWS PrivateLink—How it works

[Diagram: the same consumer VPCs (endpoint addresses 10.1.1.127/10.1.2.35 and 10.1.1.162/10.1.2.22) and provider VPC (NLB 172.16.1.9 and 172.16.2.41), with an Amazon Route 53 private hosted zone associated with the consumer VPCs.]

Amazon Route 53 Private Hosted Zone:
CNAME api.example.com --> ALIAS vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com

VPC Endpoint: vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com
VPC Endpoint: api.example.com
Private Hosted Zone Association
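To make the DNS side of the three "How it works" slides concrete, here is an added example (my code, not AWS's) with a toy resolver: it follows the private hosted zone's api.example.com alias to the endpoint FQDN from the slide and then answers with the endpoint addresses that belong to the VPC doing the lookup, so the two overlapping 10.1.0.0/16 consumer VPCs each get their own local addresses for the same service name. The per-AZ name pattern (`vpce-xxxx-<az>.…`), the record store and a `stays_private` check are constructed for this example; only the endpoint FQDN, the CNAME/ALIAS record and the endpoint addresses come from the slides.

```python
# Added example (not from the AWS deck): toy resolver for the PrivateLink DNS
# flow. The endpoint FQDN, the api.example.com alias and the endpoint ENI
# addresses are the slides'; the zonal-name pattern and record store are assumed.
import ipaddress
from typing import Dict, List, Tuple

ENDPOINT_FQDN = "vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com"

# Endpoint ENI addresses per consumer VPC and AZ. Both consumer VPCs use
# 10.1.0.0/16 (overlapping addresses) as on the slide; each has its own endpoint.
ENDPOINTS: Dict[str, Dict[str, str]] = {
    "vpc-consumer-1": {"us-east-2a": "10.1.1.127", "us-east-2b": "10.1.2.35"},
    "vpc-consumer-2": {"us-east-2a": "10.1.1.162", "us-east-2b": "10.1.2.22"},
}

# Private hosted zone for example.com, associated with both consumer VPCs:
# the slide's "CNAME api.example.com --> ALIAS <endpoint FQDN>".
PRIVATE_ZONE: Dict[str, Tuple[str, str]] = {
    "api.example.com": ("ALIAS", ENDPOINT_FQDN),
}


def zonal_name(fqdn: str, az: str) -> str:
    """Assumed pattern for the per-AZ FQDNs the slide says are created."""
    label, rest = fqdn.split(".", 1)
    return f"{label}-{az}.{rest}"


def resolve(name: str, vpc: str) -> List[str]:
    """Resolve `name` as seen from an instance in `vpc`: chase ALIAS/CNAME
    records in the private hosted zone, then answer the regional endpoint name
    with all of this VPC's endpoint addresses and a zonal name with that AZ's
    address only. Raises on unknown names or a record loop."""
    seen = set()
    while name in PRIVATE_ZONE:
        if name in seen:
            raise ValueError(f"record loop at {name}")
        seen.add(name)
        _, name = PRIVATE_ZONE[name]
    enis = ENDPOINTS[vpc]
    if name == ENDPOINT_FQDN:
        return list(enis.values())
    for az, ip in enis.items():
        if name == zonal_name(ENDPOINT_FQDN, az):
            return [ip]
    raise LookupError(f"{name} is not a PrivateLink name in {vpc}")


def stays_private(ips: List[str], vpc_cidr: str) -> bool:
    """Defender's check: every answer is an address inside the consumer VPC,
    i.e. the service is reached through the local endpoint, not the internet."""
    net = ipaddress.ip_network(vpc_cidr)
    return all(ipaddress.ip_address(ip) in net for ip in ips)


if __name__ == "__main__":
    for vpc in ENDPOINTS:
        answers = resolve("api.example.com", vpc)
        print(vpc, "api.example.com ->", answers, "private:", stays_private(answers, "10.1.0.0/16"))
    print("zonal:", resolve(zonal_name(ENDPOINT_FQDN, "us-east-2b"), "vpc-consumer-1"))
```

The point worth keeping from this is the last function: because every answer is an address in the consumer's own CIDR, "the endpoint is a local IP address" is something you can verify from inside the VPC rather than take on trust, and a resolution that returns anything outside that range is a sign the private hosted zone association is missing and the name is being answered publicly.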
Thank you!
Bhavin Desai
Pratik Mankad

Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Planning advanced AWS networking architectures - SVC304 - Chicago AWS Summit

  • 1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. SUMMIT. Planning advanced AWS networking architectures (SVC304). Bhavin Desai, Senior solutions architect, Amazon Web Services. Pratik Mankad, Partner solutions architect, Amazon Web Services.
  • 2. (no slide text)
  • 3. Let’s take a closer look. Diagram: one VPC (CIDR 10.1.0.0/16) in an AWS Region, with a public and a private subnet in each of Availability Zone 1 and Availability Zone 2 (InstanceA 10.1.0.11/24 and InstanceB 10.1.1.11/24 in the public subnets, InstanceC 10.1.2.11/24 and InstanceD 10.1.3.11/24 in the private subnets; EIPs 10.1.0.11 : 54.23.12.43 and 10.1.1.11 : 54.19.12.23). Attached components: IGW, NAT-GW (0.0.0.0/0 from the private subnets), VPC endpoint (VPCE) to Amazon S3, VGW with VPN and AWS Direct Connect (DXGW), VPC peering to VPC-B (intra or inter region), VPC Flow Logs, AWS Transit Gateway, and AWS PrivateLink to a service provider VPC fronted by an NLB. Labels: + Expand, + IPv6, On premises.
    • Public subnet route table (Destination → Target): 10.1.0.0/16 → Local; 0.0.0.0/0 → IGW; S3.prefix.list → VPCE-123; On premises → VGW; VPC-B → PCX-123
    • Private subnet route table (Destination → Target): 10.1.0.0/16 → Local; S3.prefix.list → VPCE-123; On premises → VGW; VPC-B → PCX-123
    • With AWS Transit Gateway, each table gains: Other Routes → TGW
    • AWS PrivateLink-enabled services shown: Amazon S3, Amazon DynamoDB, AWS Lambda, Amazon Simple Queue Service (Amazon SQS), Amazon Simple Notification Service (Amazon SNS), AWS IoT, Amazon CloudWatch
  • 4. (no slide text)
  • 5. What is AWS Transit Gateway? A gateway that provides simple, scalable, and secure connectivity across networks.
  • 6. Before AWS Transit Gateway (diagram: AWS Cloud)
  • 7. Interconnecting VPCs at scale—Peering (diagram: AWS Cloud). Connecting a large number of VPCs in a mesh is challenging to manage. Connecting on-premises networks to each new VPC can take weeks to months to implement due to the customer’s internal processes.
  • 8. Interconnecting VPCs at scale—AWS Transit Gateway (diagram: AWS Cloud)
  • 9. Single VPN with AWS Transit Gateway (diagram: AWS Cloud, server contents)
  • 10. AWS Transit Gateway benefits
    • Centrally interconnect multiple VPCs across accounts
    • One central connection point for VPN and Direct Connect
    • Reduce or eliminate the need for peer-to-peer networking
    • Increase VPN throughput via ECMP routing (50 Gbps+)
    • Peer AWS Transit Gateway across regions
    • Leverage the AWS Global Network for low-latency cross-region connectivity
    • Regional construct reduces blast radius
    • Reduces time to configure on-premises connectivity to AWS
    • Easily monitor and manage from a central point
    • Integrated with CloudWatch and VPC Flow Logs
    • Leverage existing VPC security groups and network access control lists
    * 2H ’19
  • 11. AWS Transit Gateway use cases
  • 12. Use case 1: Shared services with AWS Transit Gateway (shared services + VPN). Route tables shown (Destination → Target):
    • 10.1.0.0/16 → vpc-att-1xxxx; 10.2.0.0/16 → vpc-att-2xxxx
    • 10.3.0.0/16 → vpc-att-3xxxx; 10.4.0.0/16 → vpc-att-4xxxx
    • 10.0.0.0/8 → VPN; 10.4.0.0/16 → vpc-att-4xxxx
    VPCs attach to a route table with routes to shared resources. Shared resources attach to a route table with routes to all resources.
  • 13. Use case 2: Outbound internet with NAT Gateway. Diagram: spoke VPC A (10.1.0.0/16) and VPC B (10.2.0.0/16) in the VPC route domain; Outbound VPC (100.64.0.0/16) in the outbound route domain, applying SNAT outbound to the internet. Route tables (Destination → Target):
    • VPC B route table: 10.2.0.0/16 → Local; 0.0.0.0/0 → tgw-xxxxxxxxx
    • Outbound VPC route table: 100.64.0.0/16 → Local; 10.0.0.0/8 → tgw-xxxxxxxxx; 0.0.0.0/0 → igw-xxxxxxxxx
    • VPC attachment route table, per AZ: 0.0.0.0/0 → ngw-xxxxxxx
    • Spoke route table (Transit Gateway): 0.0.0.0/0 → vpc-att-outbound
    • Outbound route domain (Transit Gateway): 10.1.0.0/16 → vpc-att-a; 10.2.0.0/16 → vpc-att-b
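The route-domain idea behind the shared-services slide and the outbound-internet slide is easiest to see by walking a destination address through the tables. The following is an added example, not code from the deck or from AWS: it transcribes the "Outbound internet with NAT Gateway" tables (placeholder ids kept as on the slide) and does longest-prefix lookups across them. Assumed, because the slide does not show them: VPC A's own route table (taken to mirror VPC B's), which Transit Gateway route table each attachment is associated with, and a blackhole route added as a hardening step for spoke isolation.

```python
import ipaddress

# Route tables transcribed from the "Outbound internet with NAT Gateway" slide,
# keeping the slide's placeholder target ids. VPC A's own table and the
# attachment-to-route-table associations are assumptions (the slide shows
# only VPC B's table).
VPC_A_RT = [("10.1.0.0/16", "local"), ("0.0.0.0/0", "tgw-xxxxxxxxx")]  # assumed, mirrors VPC B
VPC_B_RT = [("10.2.0.0/16", "local"), ("0.0.0.0/0", "tgw-xxxxxxxxx")]
ATTACH_SUBNET_RT = [("0.0.0.0/0", "ngw-xxxxxxx")]  # outbound VPC, TGW attachment subnet (per AZ)
OUTBOUND_VPC_RT = [("100.64.0.0/16", "local"), ("10.0.0.0/8", "tgw-xxxxxxxxx"),
                   ("0.0.0.0/0", "igw-xxxxxxxxx")]  # outbound VPC, NAT gateway subnet
SPOKE_DOMAIN = [("0.0.0.0/0", "vpc-att-outbound")]  # TGW route table for the spoke VPCs
OUTBOUND_DOMAIN = [("10.1.0.0/16", "vpc-att-a"), ("10.2.0.0/16", "vpc-att-b")]  # TGW table for the outbound VPC
# Hardening step not on the slide: a blackhole for the spoke range is more
# specific than the default route, so spoke-to-spoke traffic is dropped at the TGW.
HARDENED_SPOKE_DOMAIN = [("10.0.0.0/8", "blackhole")] + SPOKE_DOMAIN

ASSOCIATION = {"vpc-att-a": SPOKE_DOMAIN, "vpc-att-b": SPOKE_DOMAIN,
               "vpc-att-outbound": OUTBOUND_DOMAIN}
# Table consulted when a packet enters a VPC through its TGW attachment.
ENTRY_RT = {"vpc-att-a": VPC_A_RT, "vpc-att-b": VPC_B_RT,
            "vpc-att-outbound": ATTACH_SUBNET_RT}


def lookup(route_table, dst):
    """Longest-prefix match, the way VPC and TGW route tables pick a route."""
    ip = ipaddress.ip_address(dst)
    best = None
    for cidr, target in route_table:
        net = ipaddress.ip_network(cidr)
        if ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, target)
    return best[1] if best else None


def trace(start_rt, ingress_att, dst, association=ASSOCIATION):
    """Walk dst through the tables and return the ordered list of targets.
    start_rt: table of the subnet the packet starts in; ingress_att: the
    attachment the TGW receives it on (the TGW evaluates the route table
    associated with that attachment)."""
    hops, table, att = [], start_rt, ingress_att
    for _ in range(8):  # bound the walk so a misrouted table cannot loop forever
        target = lookup(table, dst)
        hops.append(target)
        if target and target.startswith("tgw-"):
            att = lookup(association[att], dst)
            hops.append(att)
            if att not in ENTRY_RT:  # None (no route) or "blackhole": dropped at the TGW
                return hops
            table = ENTRY_RT[att]
        elif target and target.startswith("ngw-"):
            table = OUTBOUND_VPC_RT  # NAT gateway SNATs to 100.64.x and forwards per its subnet table
        else:
            return hops  # local delivery, internet gateway, or no route
    return hops


if __name__ == "__main__":
    print("VPC B -> internet:", trace(VPC_B_RT, "vpc-att-b", "198.51.100.7"))
    print("reply -> VPC B:   ", trace(OUTBOUND_VPC_RT, "vpc-att-outbound", "10.2.0.11"))
    hardened = {**ASSOCIATION, "vpc-att-a": HARDENED_SPOKE_DOMAIN}
    print("VPC A -> VPC B:   ", trace(VPC_A_RT, "vpc-att-a", "10.2.0.11", hardened))
```

The spoke route table never returns another spoke's attachment, so isolation at the Transit Gateway depends on that table alone; the blackhole variant shows the more specific route winning over the default.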
  • 14. (no slide text)
  • 15. (no slide text)
  • 16. (no slide text)
  • 17. Before
  • 18. AWS Region 1, AWS Region 2
  • 19. After
  • 20. AWS Region 1, AWS Region 2; the same address 3.10.3.125 is shown in both regions
  • 21. AWS Global Accelerator
    • Client state: applications can keep state, with connections routed to the same endpoint after the initial connection.
    • AWS’s Global Network: traffic routed through AWS Global Accelerator traverses the AWS global network (instead of the public internet).
    • Static anycast IPs: Global Accelerator uses static IP addresses as a fixed entry point to your applications. These IP addresses are anycast from AWS edge locations.
  • 22. (no slide text)
  • 23. What is AWS PrivateLink?
    • Service-specific link between a consumer VPC and a provider VPC
    • Interface VPC endpoint in the consumer VPC
    • NLB as the service frontend in the provider VPC
    • Three types of services accessible over AWS PrivateLink: AWS services; customer-hosted internal services; third-party services (SaaS)
  • 24. Sharing a service with AWS PrivateLink: Advantages. Diagram: Load Balancer (private IP: 10.10.1.6) → Endpoint Service (service name: com.amazonaws…) → VPC Endpoint.
    • One-way access
    • Security group for the connection
    • Support for overlapping addresses
    • Share to thousands of VPCs
    • Share a single service
  • 25. AWS PrivateLink—How it works. Diagram: consumer VPC 10.1.0.0/16 with endpoint network interfaces 10.1.1.127 (subnet 10.1.1.0/24, one Availability Zone) and 10.1.2.35 (subnet 10.1.2.0/24, another Availability Zone); provider VPC 172.16.0.0/16 with subnets 172.16.1.0/24 and 172.16.2.0/24 across two Availability Zones, a Network Load Balancer, and API targets.
    • One IP address for each Availability Zone
    • The endpoint is a local IP address
    • Access is unidirectional
  • 26. AWS PrivateLink—How it works. Diagram: the Network Load Balancer nodes sit at 172.16.1.9 and 172.16.2.41 in the provider VPC; a second consumer VPC, also 10.1.0.0/16, has endpoint interfaces 10.1.1.162 and 10.1.2.22 (. . . thousands of consumer VPCs).
    • Support for overlapping IP address ranges
    • DNS names are created: 1 FQDN for all IP addresses; multiple FQDNs, one for each Availability Zone
    • VPC Endpoint: vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com
  • 27. AWS PrivateLink—How it works (same diagram, with Amazon Route 53).
    • Amazon Route 53 Private Hosted Zone, associated with the consumer VPC (Private Hosted Zone Association)
    • CNAME api.example.com --> ALIAS vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com
    • VPC Endpoint: vpce-xxxx.vpce-svc-xxxx.us-east-2.vpce.amazonaws.com, reached as api.example.com
  • 28. Thank you! Bhavin Desai, Pratik Mankad