Title
AWS re:Invent 2022 - Introducing Amazon VPC Lattice: Simplifying app networking (NET215)
Summary
- Amazon VPC Lattice is a new service launched in preview to simplify service-to-service communication for developers and admins.
- It addresses the complexity of networking in modern applications, particularly those using microservices across multiple VPCs and accounts.
- VPC Lattice offers a unified solution for service discovery, load balancing, authentication, authorization, and observability.
- It integrates with AWS IAM for authentication and authorization, providing strong security without the need for developers to manage networking details.
- The service is designed to work consistently across various compute platforms, including instances, containers, and serverless.
- VPC Lattice includes four key components: services, service networks, auth policy, and service directory.
- It allows for the creation of service networks that can be shared across accounts and VPCs, defining a new application layer boundary.
- The service is fully managed and built into the VPC infrastructure; it requires no agents or sidecar proxies.
- VPC Lattice is currently in preview, and interested parties can sign up on the AWS website.
Insights
- VPC Lattice aims to reduce the tension between developers and admins by providing a service that meets both their needs without compromising security or agility.
- The service is a response to the challenges of modern application architectures, where services are distributed across multiple VPCs and accounts, leading to increased networking complexity.
- By integrating with AWS IAM, VPC Lattice leverages a familiar and trusted system for authentication and authorization, simplifying secrets management.
- The service supports a defense-in-depth strategy by offering both network and application layer controls.
- VPC Lattice's integration with the Kubernetes Gateway API indicates AWS's commitment to supporting Kubernetes users and providing a seamless experience for cluster management.
- The concept of "tiny bubbles" suggests a best practice for using VPC Lattice, where services are isolated in their own VPCs and accounts, and selectively shared and connected through service networks.
- VPC Lattice's preview status means that it is still under development, and AWS is likely seeking feedback to refine the service before a full launch.
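A concrete auth policy of the kind the IAM-integration and defense-in-depth points above refer to, added here as an illustration rather than taken from the talk or from AWS's own material. It assumes the VPC Lattice auth-policy format documented after the preview (the `vpc-lattice-svcs:Invoke` action and the `vpc-lattice-svcs:*` condition keys); the account ID, role name, region and resource IDs are placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "OnlyOrdersRoleFromApprovedVpcMayCallInventory",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::111122223333:role/orders-service-task-role"
      },
      "Action": "vpc-lattice-svcs:Invoke",
      "Resource": "arn:aws:vpc-lattice:us-west-2:111122223333:service/svc-EXAMPLE1234/*",
      "Condition": {
        "StringEquals": {
          "vpc-lattice-svcs:RequestMethod": ["GET", "POST"],
          "vpc-lattice-svcs:SourceVpc": "vpc-EXAMPLE5678"
        },
        "StringNotEqualsIgnoreCase": {
          "aws:PrincipalType": "anonymous"
        }
      }
    }
  ]
}
```

The permissive starting point is the same document with `"Principal": "*"`, `"Resource": "*"` and no `Condition`, which admits any caller (including unsigned requests) that can reach the service, leaving the VPC and security-group layer as the only control; the version above adds the application-layer gate (caller identity, source VPC, HTTP method) that the defense-in-depth point describes.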