Our blog for AWS experts
Practical guides, architecture patterns, and AWS best practices from the VizCon team.
Transit Gateway Flow Logs: monitor and audit inter-VPC traffic on AWS
Complete guide to AWS Transit Gateway Flow Logs: how they differ from VPC Flow Logs, enabling via CLI and Terraform, Athena setup with partition projection, and cross-account traffic auditing queries.
What is AWS Global Accelerator? Routing, Anycast, and multi-region failover explained
AWS Global Accelerator routes traffic through AWS's private backbone using Anycast IPs — practical guide to setup, multi-region failover, pricing, and comparison with CloudFront.
AWS Network Firewall: centralized egress inspection and IPS for AWS environments
A practical guide to AWS Network Firewall: centralized inspection architecture, stateful rules, domain filtering, Suricata IPS rules, and how it compares to security groups and NACLs.
AWS Transit Gateway: architecture, route tables, and multi-account networking
Deep dive into AWS Transit Gateway: attachments, route table segmentation, cross-account RAM sharing, centralized egress, cross-region peering, and Terraform examples.
What is AWS Direct Connect? A practical guide to hybrid cloud connectivity
AWS Direct Connect explained: dedicated connections, Virtual Interfaces, Direct Connect Gateway, BGP routing, redundancy patterns, and when to choose DX over VPN.
VPC Peering: how it works, limits, and when to use it
Complete guide to AWS VPC peering: how to set up cross-account and cross-region connections, routing configuration, CIDR planning, limits, and comparison with Transit Gateway.
VPC Flow Logs: enable, query, and analyze AWS network traffic
Complete guide to VPC Flow Logs: enabling to S3 and CloudWatch, Athena table setup with partition projection, useful queries, CloudWatch Logs Insights, and cost optimization.
VPC Peering vs Transit Gateway: which to choose for your AWS network?
Detailed comparison of VPC peering and AWS Transit Gateway: feature matrix, cost breakdown for 10-VPC environments, when each makes sense, and how to combine both.
What is Amazon CloudWatch? Metrics, logs, alarms, and pricing explained
A practical guide to Amazon CloudWatch: namespaces, metrics, dimensions, Logs Insights queries, alarms, dashboards, EventBridge, and pricing — for engineers new to AWS observability.
What is AWS Fargate? Serverless containers on ECS and EKS explained
A practical guide to AWS Fargate: how it works, networking with awsvpc, IAM roles, pricing, Fargate vs EC2 launch type, and common deployment patterns.
AWS architecture diagrams: tools, approaches, and automation in 2025
Manual, IaC-generated, or auto-discovery — a practical guide to AWS architecture diagrams for cloud architects and DevOps teams, with tool comparisons and workflow tips.
AWS diagram tools comparison: VizCon vs Lucidchart vs manual documentation (2025 guide)
Compare AWS diagram tools in 2025. VizCon vs Lucidchart vs manual methods — features, pricing, automation, and ROI analysis for cloud architects.
AWS VPC architecture: best practices for scaling from 1 to 1000+ VPCs
When it comes to expanding your AWS network, some mistakes can lead to security vulnerabilities or routing issues. Best practices and network architecture examples.
Hardening AWS security: a proactive approach with CloudTrail, Athena and Lambda
A comprehensive solution for monitoring and detecting risky activities in an AWS environment using CloudTrail, Athena and Lambda.
Access your AWS non-production environment from everywhere
How to reduce IP whitelist maintenance pain by setting up a centralized VPN VPC with AWS Client VPN — from hundreds of IPs down to just 2.
AWS Organizations operator framework
Run operation scripts across an AWS organization in parallel using Step Functions and Lambda — process all accounts and regions in minutes, not hours.