Automate VPN failover via TGW attachment


Continue with my previous post Automate VPN connection and its TGW attachment, in this post I would like to share the solution for VPN failover via TGW attachment. The key components in the solution are: Network Manager for Transit GatewayEventBridgeLambda The basic idea is: Register TGW to Network Manager, as Network Manager can monitor the tunnel … Continue reading Automate VPN failover via TGW attachment

Automate VPN connection and its TGW attachment


If you use the CloudFormation resource AWS::EC2::VPNConnection to create the VPN connection and attach it to the Transit Gateway (TGW), you may notice that it does not return the TGW attachment ID. So it is a bit annoying if you would like to tag the attachment and associate the attachment to a non-default TGW route table. … Continue reading Automate VPN connection and its TGW attachment

Two Examples of using AWS Network Firewall


AWS Network Firewall is a high-available and scalable firewall service that provides network protections for VPC, which is a supplement to the existing security services. Security group protects computing resources (EC2, Lambda, RDS...)NACL (Network Access Control List) protects subnetsWAF (Web Application Firewall) and Shield protects frontend resources (ELB, CloudFound, API Gateway) There are quite a … Continue reading Two Examples of using AWS Network Firewall

Access Specific EC2 behind ALB


When there are multiple EC2 instances running behind the application load balancer, there is no way (at least as the time of writing) to tell the load balancer which instance you want to use. It is all controlled by the pre-defined load_balancing.algorithm.type. load_balancing.algorithm.type - The load balancing algorithm determines how the load balancer selects targets when routing … Continue reading Access Specific EC2 behind ALB