AWS Global Accelerator
- AWS Global Accelerator is a networking service that helps improve the availability and performance of applications for global users.
- AWS Global Accelerator optimizes the path to applications to keep packet loss, jitter, and latency consistently low.
- helps improve the performance of the applications by lowering first-byte latency (the round trip time for a packet to go from a client to your endpoint and back again) and jitter (the variation of latency), and increasing throughput (amount of data transferred in a second) as compared to the public internet.
- Global Accelerator uses the vast, well-monitored, congestion-free, redundant AWS global network to route TCP and UDP traffic to a healthy application endpoint in the closest AWS Region to the user.
- is a global service that supports endpoints in multiple AWS Regions.
- supports AWS application endpoints, such as ALBs, NLBs, EC2 Instances, and Elastic IPs without making user-facing changes.
- provides two global static public IPs that act as a fixed entry point to the application hosted in one or more AWS Regions, improving availability.
- helps anycast the static IP addresses from the AWS edge network which serves as the frontend interface of the applications.
- Using static IP addresses ensures you don’t need to make any client-facing changes or update DNS records as you modify or replace endpoints.
- allows you to bring your own IP addresses (BYOIP) and use them as a fixed entry point to the application endpoints.
- Global Accelerator allocates two static IPv4 addresses serviced by independent network zones, which are isolated units with their own set of physical infrastructure and service IP addresses from a unique IP subnet. If one IP address from a network zone becomes unavailable, due to network disruptions or IP address blocking by certain client networks, the client applications can retry using the healthy static IP address from the other isolated network zone.
- currently supports IPv4 addresses.
- continuously monitors the health of the application endpoints by using TCP, HTTP, and HTTPS health checks.
- automatically re-routes the traffic to the nearest healthy available endpoint to mitigate endpoint failure.
- terminates TCP connections from clients at AWS edge locations and, almost concurrently, establishes a new TCP connection with your endpoints. This gives clients faster response times (lower latency) and increased throughput.
- supports Client Affinity which helps build stateful applications.
- supports Client IP address preservation except for NLB and EIP endpoints.
- integrates with AWS Shield Standard, which minimizes application downtime and latency from DDoS attacks by using always-on network flow monitoring and automated in-line mitigation.
- does not support on-premises endpoints. However, an NLB can be configured to address the on-premises endpoints while Global Accelerator points to the NLB.
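
The client-side retry across the two static IPs mentioned in the list above, as an added example (not AWS code and not part of the original notes). The addresses are constructed placeholders from the documentation ranges, and `connect_with_failover` is a hypothetical helper name.

```python
import socket

# Constructed placeholders (TEST-NET-1 / TEST-NET-2 documentation ranges),
# standing in for the two static IPs an accelerator is assigned.
STATIC_ENDPOINTS = [("192.0.2.10", 443), ("198.51.100.10", 443)]


def connect_with_failover(endpoints, timeout=2.0):
    """Try each (ip, port) in order; return (socket, endpoint, failures).

    A short connect timeout matters: a blackholed address would otherwise
    stall the client for the OS default before the second IP is tried.
    """
    failures = []
    for endpoint in endpoints:
        try:
            sock = socket.create_connection(endpoint, timeout=timeout)
        except OSError as exc:  # refused, unreachable, or timed out
            failures.append((endpoint, type(exc).__name__))
            continue
        sock.settimeout(None)  # back to blocking mode for normal use
        return sock, endpoint, failures
    raise ConnectionError(f"all static IPs failed: {failures}")


if __name__ == "__main__":
    try:
        sock, used, failed = connect_with_failover(STATIC_ENDPOINTS, timeout=1.0)
        print("connected via", used, "after failures:", failed)
        sock.close()
    except ConnectionError as err:
        print(err)
```

Recording which address failed, rather than silently falling through, lets operations tell a network-zone outage apart from a client network that blocks one of the two IPs.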
Global Accelerator vs CloudFront
- Global Accelerator and CloudFront both use the AWS global network and its edge locations around the world.
- Both services integrate with AWS Shield for DDoS protection.
- CloudFront improves performance for both cacheable content (such as images and videos) and dynamic content (such as API acceleration and dynamic site delivery).
- Global Accelerator improves performance for a wide range of applications over TCP or UDP by proxying packets at the edge to applications running in one or more AWS Regions.
- Use Cases
  - CloudFront is a good fit for HTTP use cases.
  - Global Accelerator is a good fit for non-HTTP use cases, such as gaming (UDP), IoT (MQTT), or VoIP, as well as for HTTP use cases that require static IP addresses or deterministic, fast regional failover.
- CloudFront supports Edge caching
- Global Accelerator does not support Edge Caching.
AWS Certification Exam Practice Questions
- Questions are collected from the Internet and the answers are marked as per my knowledge and understanding (which might differ from yours).
- AWS services are updated every day and both the answers and questions might be outdated soon, so research accordingly.
- AWS exam questions are not updated to keep pace with AWS updates, so even if the underlying feature has changed, the question might not be updated.
- Open to further feedback, discussion and correction.
- What features does AWS Global Accelerator provide? (Select TWO)
  - Improved security
  - Improved cost optimization
- A company that develops web applications has launched hundreds of Application Load Balancers (ALBs) in multiple Regions. The company wants to create an allow list for the IPs of all the load balancers on its firewall device. A solutions architect is looking for a one-time, highly available solution to address this request, which will also help reduce the number of IPs that need to be allowed by the firewall. What should the solutions architect recommend to meet these requirements?
  - Create an AWS Lambda function to keep track of the IPs for all the ALBs in different Regions. Keep refreshing this list.
  - Set up a Network Load Balancer (NLB) with Elastic IPs. Register the private IPs of all the ALBs as targets to this NLB.
  - Launch AWS Global Accelerator and create endpoints for all the Regions. Register all the ALBs in different Regions to the corresponding endpoints.
  - Set up an Amazon EC2 instance, assign an Elastic IP to this EC2 instance, and configure the instance as a proxy to forward traffic to all the ALBs.