{"id":6884,"date":"2024-04-12T11:46:35","date_gmt":"2024-04-12T09:46:35","guid":{"rendered":"https:\/\/blog.besharp.it\/?p=6884"},"modified":"2024-04-12T11:49:36","modified_gmt":"2024-04-12T09:49:36","slug":"vpc-lattice-yet-another-connectivity-option-or-a-game-changer","status":"publish","type":"post","link":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/","title":{"rendered":"VPC Lattice: yet another connectivity option or a game-changer?"},"content":{"rendered":"\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>&#8220;Live as if you were to die tomorrow. Learn as if you were to live forever&#8221; <\/p>\n<cite>&#8211;&nbsp; Mahatma Gandhi<\/cite><\/blockquote>\n\n\n\n<p>I like learning new things, and I am lucky because a significant part of my work involves learning new technologies and evaluating how to use them to solve new and existing problems.<\/p>\n\n\n\n<p>In the past few years, we described many connectivity options to connect our workloads running on AWS (<a href=\"https:\/\/blog.besharp.it\/networking-design-approaches-for-landing-zone-based-organizations-on-aws\/\" target=\"_blank\" rel=\"noreferrer noopener\">Transit Gateways<\/a>, Load balancing, <a href=\"https:\/\/blog.besharp.it\/vpc-shared-vs-multi-vpc-choosing-the-best-suits-for-your-organization\/\" target=\"_blank\" rel=\"noreferrer noopener\">Shared VPCs<\/a>, <a href=\"https:\/\/blog.besharp.it\/aws-elastic-load-balancing-tips-and-tricks-from-basic-to-pro\/\" target=\"_blank\" rel=\"noreferrer noopener\">PrivateLink and Endpoint Services<\/a>, and VPC peering&#8230;)&nbsp;<\/p>\n\n\n\n<p>Last year, <strong>VPC Lattice<\/strong> reached General Availability, offering a new option for us to explore.\u00a0You may be wondering why we should learn how to use another service when we already have so many options to choose from&#8230; Well, let&#8217;s find out!<\/p>\n\n\n\n<p>In this article, we&#8217;ll see that we needed to add another thing&#8230; Let&#8217;s see what this service offers, how it differs from the other connectivity options we already know, and a simple use case.<\/p>\n\n\n\n<p>So, without any further ado, let&#8217;s dig in!<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Where VPC Lattice stands<\/h2>\n\n\n\n<p>As we saw in previous articles, microservices are an architectural approach that allows developers to build and deploy software faster. However, it introduces challenges: single applications now consist of numerous individual components that can be distributed in different AWS accounts and must communicate with each other, and various technologies can be used together: Lambdas, EKS, ECS, and EC2.<\/p>\n\n\n\n<p>We must face tasks like service discovery, traffic routing, authorization, security, and detailed metrics. There are scenarios where a strict microservice communication and authorization policy is complex to implement using &#8220;classical&#8221; network approaches.&nbsp;<\/p>\n\n\n\n<p>Think about allowing communication only between two microservices in different AWS accounts, blocking every other traffic without implementing custom solutions and authentication.<\/p>\n\n\n\n<p>VPC Lattice aims to help organizations overcome these challenges while keeping a secure and manageable approach. <\/p>\n\n\n\n<p>It enables developers to <strong>manage microservices definition, authorization, and configuration, while administrators can manage infrastructure, network, communication policies, and governance;<\/strong> we&#8217;ll see more in the following sections.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">VPC Lattice Components<\/h2>\n\n\n\n<p>VPC Lattice has some key components:&nbsp;<\/p>\n\n\n\n<ul>\n<li><strong>Service<\/strong>: a VPC Lattice service represents an application and its resources: computational (such as lambdas, EKS pods, EC2 instances), listeners (port and protocols involved), and routing rules to address traffic (weighted routing, path routing, and so on). The application team typically manages these aspects and can be autonomously defined. A service can be shared using AWS Resource Access Manager with other AWS accounts, even outside an organization.<\/li>\n\n\n\n<li><strong>Service Network<\/strong>: a service network is a new concept because it&#8217;s a logical grouping of services that facilitates connectivity. It can also be shared using AWS Resource Access Manager. This kind of resource is usually defined by infrastructure or network administrators.<\/li>\n\n\n\n<li><strong>Service Directory: <\/strong>the list of service networks that can be used, shared with AWS RAM<\/li>\n\n\n\n<li><strong>Auth Policies: <\/strong>IAM documents that can define access to resources. Auth policies differ from IAM policies because they aren&#8217;t attached to users, groups, or roles but are used with services and service networks. They can allow a IAM user, a IAM Role, or other services access to the attached service. They define new specific conditions, such as &nbsp;<\/li>\n<\/ul>\n\n\n\n<pre class=\"wp-block-preformatted\">vpc-lattice-svcs:RequestMethod<\/pre>\n\n\n\n<p>to filter allowed methods. For a complete list, you can have a look at <a href=\"https:\/\/docs.aws.amazon.com\/vpc-lattice\/latest\/ug\/auth-policies.html#auth-policies-condition-keys\">the documentation<\/a>. <\/p>\n\n\n\n<p>Let&#8217;s see which steps are required to set up VPC Lattice.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Putting all together<\/h2>\n\n\n\n<p>Let&#8217;s briefly look at the roles and steps involved in setting up the communication.&nbsp;<\/p>\n\n\n\n<ol>\n<li>The infrastructure admin defines a <strong>Service Network<\/strong>&nbsp;<\/li>\n\n\n\n<li>The infrastructure admin shares the Service Network using <strong>AWS RAM<\/strong><\/li>\n\n\n\n<li>The service owner defines a <strong>VPC Lattice Service<\/strong> and its authorization policies<\/li>\n\n\n\n<li>The service owner associates the <strong>Service<\/strong> with the Service Network<\/li>\n\n\n\n<li>The infrastructure admin <strong>associates<\/strong> the Service Network with the <strong>VPCs<\/strong>&nbsp;<\/li>\n<\/ol>\n\n\n\n<p>As you can see, there is a certain degree of independence in managing services, so dependencies between teams and operations are reduced.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">A practical example of VPC Lattice usage<\/h2>\n\n\n\n<p>For our example, we will use the sample infrastructure and applications from <a href=\"https:\/\/github.com\/aws-samples\/build-secure-multi-account-vpc-connnectivity-applications-with-amazon-vpc-lattice\">this URL<\/a> and analyze the key components deployed on the AWS Console.&nbsp;<\/p>\n\n\n\n<p>You can deploy the reference architecture using the instructions contained in the <em>ReadMe<\/em> file in the repository.<\/p>\n\n\n\n<p>You can also use three different VPCs belonging to a single account to ease the deployment process (as we&#8217;ll do in this article).<\/p>\n\n\n\n<p>&nbsp;You&#8217;ll end with this sample infrastructure:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"778\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/1-1024x778.png\" alt=\"\" class=\"wp-image-6887\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/1-1024x778.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/1-395x300.png 395w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/1-768x584.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/1-1536x1167.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/1-2048x1556.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><em>Image source: <a href=\"https:\/\/www.google.com\/url?q=https:\/\/github.com\/aws-samples\/build-secure-multi-account-vpc-connnectivity-applications-with-amazon-vpc-lattice&amp;sa=D&amp;source=docs&amp;ust=1712841754699496&amp;usg=AOvVaw2XpSZ9m6Ig-Q2cSCzQKJRF\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/github.com\/aws-samples\/build-secure-multi-account-vpc-connnectivity-applications-with-amazon-vpc-lattice<\/a><\/em><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>In our example, App1 and App2 will need to communicate bidirectionally, and App3 will be consumed by App1, App2, and App4.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"769\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/2-1024x769.png\" alt=\"\" class=\"wp-image-6889\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/2-1024x769.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/2-400x300.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/2-768x576.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/2-1536x1153.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/2.png 1668w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><em>Image source: <a href=\"https:\/\/www.google.com\/url?q=https:\/\/github.com\/aws-samples\/build-secure-multi-account-vpc-connnectivity-applications-with-amazon-vpc-lattice&amp;sa=D&amp;source=docs&amp;ust=1712841754699496&amp;usg=AOvVaw2XpSZ9m6Ig-Q2cSCzQKJRF\" target=\"_blank\" rel=\"noreferrer noopener\">https:\/\/github.com\/aws-samples\/build-secure-multi-account-vpc-connnectivity-applications-with-amazon-vpc-lattice<\/a><\/em><\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>The deployment process will take about 10 &#8211; 15 minutes, and you will see that our microservices can communicate.&nbsp;<\/p>\n\n\n\n<p><strong>Bug Alert:&nbsp;<\/strong>there&#8217;s a missing step in the deployment instructions; these two lines will make the deployment fail:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">export TARGETCLUSTER1={TARGET_GROUP_ARN}\nexport TARGETCLUSTER2={TARGET_GROUP_ARN}\n<\/pre>\n\n\n\n<p>You need to change these exports using values from the VPC lattice target groups.&nbsp;<\/p>\n\n\n\n<p>For TARGETCLUSTER1, use the k8s-frontend-default arn; for TARGETCLUSTER2, use the arn for k8s-backend-default. This is a sample from our deployment:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"527\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/3-1024x527.png\" alt=\"\" class=\"wp-image-6892\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/3-1024x527.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/3-400x206.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/3-768x395.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/3-1536x791.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/3-2048x1054.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>When the CloudFormation deployment finishes, you should have these CloudFormation stacks:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"527\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/4-1024x527.png\" alt=\"\" class=\"wp-image-6894\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/4-1024x527.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/4-400x206.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/4-768x395.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/4-1536x791.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/4-2048x1054.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Let&#8217;s see the resources created to describe them. First, the service network:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"571\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/5-1024x571.png\" alt=\"\" class=\"wp-image-6896\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/5-1024x571.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/5-400x223.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/5-768x428.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/5-1536x856.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/5-2048x1142.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>As you can see, four services are associated; you can also see VPCs associated with the service network:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"571\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/6-1024x571.png\" alt=\"\" class=\"wp-image-6898\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/6-1024x571.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/6-400x223.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/6-768x428.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/6-1536x856.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/6-2048x1142.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now VPC Lattice target groups: <\/p>\n\n\n\n<p>Our Lambda, Autoscaling group, and EKS are added as targets, and like ELB target groups, you can see metrics and define health checks.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"571\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/7-1024x571.png\" alt=\"\" class=\"wp-image-6900\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/7-1024x571.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/7-400x223.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/7-768x428.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/7-1536x856.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/7-2048x1142.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Note that to register our targets managed by EKS clusters, we had to deploy the Gateway API Controller Class into the cluster and register the service using the configuration deployed with the commands:<\/p>\n\n\n\n<pre class=\"wp-block-preformatted\">kubectl config use-context cluster1\nkubectl apply -f .\/vpc-lattice\/routes\/frontend-export.yaml\n\nkubectl config use-context cluster2\nkubectl apply -f .\/vpc-lattice\/routes\/backend-export.yaml\n<\/pre>\n\n\n\n<p>Last but not least, let&#8217;s see the defined services. You can access them using the DNS domain name defined by VPC Lattice<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"571\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/8-1024x571.png\" alt=\"\" class=\"wp-image-6902\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/8-1024x571.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/8-400x223.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/8-768x428.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/8-1536x856.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/8-2048x1142.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>You can find the complete list of domain names defined by looking at the Outputs of the CloudFormation stack named &#8220;lattice-services&#8221;:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"571\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/9-1024x571.png\" alt=\"\" class=\"wp-image-6904\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/9-1024x571.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/9-400x223.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/9-768x428.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/9-1536x856.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/9-2048x1142.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Each service also has its routing; in this case, you can see that \/backend path for service3 forwards to cluster2, while \/lambda forwards requests to the lambda application:<\/p>\n\n\n\n<p><\/p>\n\n\n\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"573\" defer\" defer\" defer\" src=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/10-1024x573.png\" alt=\"\" class=\"wp-image-6906\" srcset=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/10-1024x573.png 1024w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/10-400x224.png 400w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/10-768x430.png 768w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/10-1536x860.png 1536w, https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/10-2048x1147.png 2048w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><\/figure>\n\n\n\n<p><\/p>\n\n\n\n<p>Now that you have a deployed infrastructure, feel free to experiment and modify the behaviour of your application and environment (why don&#8217;t you try IAM authentication between services? ).&nbsp;<\/p>\n\n\n\n<p>This is only a starting point, and you can also find an excellent AWS workshop with a good walkthrough <a href=\"https:\/\/catalog.workshops.aws\/handsonwithvpclattice\/en-US\/labs\/lab1\/targetgroup\" target=\"_blank\" rel=\"noreferrer noopener\">here<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Last but not least: is VPC Lattice the right technology for my use case?&nbsp;<\/h2>\n\n\n\n<p>The correct answer is, as always: &#8220;It depends&#8221;. Let&#8217;s evaluate the limits and their impact on our design.&nbsp;<\/p>\n\n\n\n<p>The first is the mandatory <strong>one-to-one association between a VPC and a Service Network<\/strong>. Once you define an association, you cannot make your service available to other service networks, so you need to plan the implementation carefully.&nbsp;<\/p>\n\n\n\n<p>You cannot share services between different regions because <strong>a Service Network is a regional construct<\/strong>: you&#8217;ll need to use a hybrid approach, resorting to traditional&#8221; connectivity methods, like Transit Gateway Peering and VPC Peering.<\/p>\n\n\n\n<p>On the other hand, there are great <strong>benefits<\/strong>: you can free service owners to configure and offer by themselves their components while keeping centralized control in a complex environment.<\/p>\n\n\n\n<p>We didn&#8217;t have a look at IAM policies, but <strong>implementing IAM Authentication and Authorization is the key to a secure microservice implementation<\/strong>.&nbsp;<\/p>\n\n\n\n<p>VPC Lattice also offers a complete service mesh solution because it can link EC2, EKS, ECS, and Lambda workloads.&nbsp;<\/p>\n\n\n\n<p>Cost is another important factor: <strong>as your service mesh grows, costs increase proportionally<\/strong>.<\/p>\n\n\n\n<p>You pay 0.025$\/hour for each service. If you have 10 services you pay 182.5$\/month. A different approach can have a smaller impact on AWS billing for complex architectures with hundreds of microservices.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">That&#8217;s all for today!<\/h2>\n\n\n\n<p>Microservices aren&#8217;t simple: they can increase the overall complexity of the architecture and require good planning and management over time.&nbsp;<\/p>\n\n\n\n<p>Have you already had the chance to experiment with VPC Lattice? What are your thoughts about this new approach? <\/p>\n\n\n\n<p>Let us know in the comments!<\/p>\n\n\n\n<hr class=\"wp-block-separator has-alpha-channel-opacity\"\/>\n\n\n\n<h4 class=\"wp-block-heading\">About Proud2beCloud<\/h4>\n\n\n\n<p><strong>Proud2beCloud<\/strong>&nbsp;is a blog by&nbsp;<a href=\"https:\/\/www.besharp.it\/en\/\" target=\"_blank\" rel=\"noreferrer noopener\">beSharp<\/a>, an Italian APN Premier Consulting Partner expert in designing, implementing, and managing complex Cloud infrastructures and advanced services on AWS. Before being writers, we are Cloud Experts working daily with AWS services since 2007. We are hungry readers, innovative builders, and gem-seekers. On Proud2beCloud, we regularly share our best AWS pro tips, configuration insights, in-depth news, tips&amp;tricks, how-tos, and many other resources. Take part in the discussion!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;Live as if you were to die tomorrow. Learn as if you were to live forever&#8221; &#8211;&nbsp; Mahatma Gandhi I [&hellip;]<\/p>\n","protected":false},"author":13,"featured_media":6929,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[470],"tags":[568,691],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v21.9.1 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>VPC Lattice: yet another connectivity option or a game-changer? - Proud2beCloud Blog<\/title>\n<meta name=\"description\" content=\"In 2023, VPC Lattice was released GA. In this article, we&#039;ll see what it offers and how it differs from other connectivity options.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"VPC Lattice: yet another connectivity option or a game-changer?\" \/>\n<meta property=\"og:description\" content=\"In 2023, VPC Lattice was released GA. In this article, we&#039;ll see what it offers and how it differs from other connectivity options.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/\" \/>\n<meta property=\"og:site_name\" content=\"Proud2beCloud Blog\" \/>\n<meta property=\"article:published_time\" content=\"2024-04-12T09:46:35+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-12T09:49:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/besharp-blog-2024-04-12_eng.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"628\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Damiano Giorgi\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"VPC Lattice: yet another connectivity option or a game-changer?\" \/>\n<meta name=\"twitter:description\" content=\"In 2023, VPC Lattice was released GA. In this article, we&#039;ll see what it offers and how it differs from other connectivity options.\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/besharp-blog-2024-04-12_eng.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Damiano Giorgi\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"9 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/\",\"url\":\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/\",\"name\":\"VPC Lattice: yet another connectivity option or a game-changer? - Proud2beCloud Blog\",\"isPartOf\":{\"@id\":\"https:\/\/blog.besharp.it\/#website\"},\"datePublished\":\"2024-04-12T09:46:35+00:00\",\"dateModified\":\"2024-04-12T09:49:36+00:00\",\"author\":{\"@id\":\"https:\/\/blog.besharp.it\/#\/schema\/person\/a9195473e4a658b45cb12d3df3fdf293\"},\"description\":\"In 2023, VPC Lattice was released GA. In this article, we'll see what it offers and how it differs from other connectivity options.\",\"breadcrumb\":{\"@id\":\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.besharp.it\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"VPC Lattice: yet another connectivity option or a game-changer?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.besharp.it\/#website\",\"url\":\"https:\/\/blog.besharp.it\/\",\"name\":\"Proud2beCloud Blog\",\"description\":\"il blog di beSharp\",\"alternateName\":\"Proud2beCloud Blog\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.besharp.it\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.besharp.it\/#\/schema\/person\/a9195473e4a658b45cb12d3df3fdf293\",\"name\":\"Damiano Giorgi\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.besharp.it\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/9a20b8c97250d4fb49857192f7e4bedf?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/9a20b8c97250d4fb49857192f7e4bedf?s=96&d=mm&r=g\",\"caption\":\"Damiano Giorgi\"},\"description\":\"Ex sistemista on-prem, pigro e incline all'automazione di task noiosi. Alla ricerca costante di novit\u00e0 tecnologiche e quindi passato al cloud per trovare nuovi stimoli. L'unico hardware a cui mi dedico ora \u00e8 quello del mio basso; se non mi trovate in ufficio o in sala prove provate al pub o in qualche aeroporto!\",\"url\":\"https:\/\/blog.besharp.it\/author\/damiano-giorgi\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"VPC Lattice: yet another connectivity option or a game-changer? - Proud2beCloud Blog","description":"In 2023, VPC Lattice was released GA. In this article, we'll see what it offers and how it differs from other connectivity options.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/","og_locale":"en_US","og_type":"article","og_title":"VPC Lattice: yet another connectivity option or a game-changer?","og_description":"In 2023, VPC Lattice was released GA. In this article, we'll see what it offers and how it differs from other connectivity options.","og_url":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/","og_site_name":"Proud2beCloud Blog","article_published_time":"2024-04-12T09:46:35+00:00","article_modified_time":"2024-04-12T09:49:36+00:00","og_image":[{"width":1200,"height":628,"url":"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/besharp-blog-2024-04-12_eng.jpg","type":"image\/jpeg"}],"author":"Damiano Giorgi","twitter_card":"summary_large_image","twitter_title":"VPC Lattice: yet another connectivity option or a game-changer?","twitter_description":"In 2023, VPC Lattice was released GA. In this article, we'll see what it offers and how it differs from other connectivity options.","twitter_image":"https:\/\/blog.besharp.it\/wp-content\/uploads\/2024\/04\/besharp-blog-2024-04-12_eng.jpg","twitter_misc":{"Written by":"Damiano Giorgi","Est. reading time":"9 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/","url":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/","name":"VPC Lattice: yet another connectivity option or a game-changer? - Proud2beCloud Blog","isPartOf":{"@id":"https:\/\/blog.besharp.it\/#website"},"datePublished":"2024-04-12T09:46:35+00:00","dateModified":"2024-04-12T09:49:36+00:00","author":{"@id":"https:\/\/blog.besharp.it\/#\/schema\/person\/a9195473e4a658b45cb12d3df3fdf293"},"description":"In 2023, VPC Lattice was released GA. In this article, we'll see what it offers and how it differs from other connectivity options.","breadcrumb":{"@id":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.besharp.it\/vpc-lattice-yet-another-connectivity-option-or-a-game-changer\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.besharp.it\/"},{"@type":"ListItem","position":2,"name":"VPC Lattice: yet another connectivity option or a game-changer?"}]},{"@type":"WebSite","@id":"https:\/\/blog.besharp.it\/#website","url":"https:\/\/blog.besharp.it\/","name":"Proud2beCloud Blog","description":"il blog di beSharp","alternateName":"Proud2beCloud Blog","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.besharp.it\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.besharp.it\/#\/schema\/person\/a9195473e4a658b45cb12d3df3fdf293","name":"Damiano Giorgi","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.besharp.it\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/9a20b8c97250d4fb49857192f7e4bedf?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/9a20b8c97250d4fb49857192f7e4bedf?s=96&d=mm&r=g","caption":"Damiano Giorgi"},"description":"Ex sistemista on-prem, pigro e incline all'automazione di task noiosi. Alla ricerca costante di novit\u00e0 tecnologiche e quindi passato al cloud per trovare nuovi stimoli. L'unico hardware a cui mi dedico ora \u00e8 quello del mio basso; se non mi trovate in ufficio o in sala prove provate al pub o in qualche aeroporto!","url":"https:\/\/blog.besharp.it\/author\/damiano-giorgi\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts\/6884"}],"collection":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/users\/13"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/comments?post=6884"}],"version-history":[{"count":10,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts\/6884\/revisions"}],"predecessor-version":[{"id":6932,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/posts\/6884\/revisions\/6932"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/media\/6929"}],"wp:attachment":[{"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/media?parent=6884"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/categories?post=6884"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.besharp.it\/wp-json\/wp\/v2\/tags?post=6884"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}