
Academic year: 2022


AWS Global Accelerator

Developer Guide


AWS Global Accelerator: Developer Guide

Copyright © Amazon Web Services, Inc. and/or its affiliates. All rights reserved.

Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon.


Table of Contents

What is AWS Global Accelerator? ... 1

Components ... 2

How it works ... 3

Idle timeout ... 4

Static IP addresses ... 5

Traffic dials and endpoint weights ... 5

Health checks ... 6

Types of accelerators ... 6

Location and IP address ranges of edge servers ... 7

Use cases ... 7

Speed Comparison Tool ... 8

How to get started ... 9

Tagging ... 9

Tagging support in Global Accelerator ... 10

Adding, editing, and deleting tags in Global Accelerator ... 10

Pricing ... 11

Getting started ... 12

Getting started with a standard accelerator ... 12

Before you begin ... 12

Step 1: Create an accelerator ... 13

Step 2: Add listeners ... 13

Step 3: Add endpoint groups ... 14

Step 4: Add endpoints ... 14

Step 5: Test your accelerator ... 15

Step 6 (optional): Delete your accelerator ... 15

Getting started with a custom routing accelerator ... 16

Before you begin ... 16

Step 1: Create a custom routing accelerator ... 16

Step 2: Add listeners ... 16

Step 3: Add endpoint groups ... 17

Step 4: Add VPC subnet endpoints ... 17

Step 5 (optional): Delete your accelerator ... 18

Actions ... 20

Work with standard accelerators ... 22

Standard accelerators ... 22

Creating or updating a standard accelerator ... 23

Deleting an accelerator ... 24

Viewing your accelerators ... 24

Add an accelerator when you create a load balancer ... 24

Using global static IP addresses instead of regional static IP addresses ... 25

Listeners for standard accelerators ... 26

Adding, editing, or removing a standard listener ... 26

Client affinity ... 27

Endpoint groups for standard accelerators ... 28

Adding, editing, or removing a standard endpoint group ... 28

Using traffic dials ... 29

Overriding listener ports ... 30

Changing health check options ... 31

Endpoints for standard accelerators ... 32

Adding, editing, or removing a standard endpoint ... 33

Endpoint weights ... 34

Adding endpoints with client IP address preservation ... 35

Transitioning endpoints to use client IP address preservation ... 36

Work with custom routing accelerators ... 39


How custom routing accelerators work ... 40

Example of how custom routing works in Global Accelerator ... 40

Guidelines and restrictions for custom routing accelerators ... 42

Custom routing accelerators ... 44

Creating or updating a custom routing accelerator ... 44

Viewing your custom routing accelerators ... 45

Deleting a custom routing accelerator ... 45

Listeners for custom routing accelerators ... 46

Adding, editing, or removing a custom routing listener ... 46

Endpoint groups for custom routing accelerators ... 47

Adding, editing, or removing an endpoint group ... 48

VPC subnet endpoints for custom routing accelerators ... 49

Adding, editing, or removing a VPC subnet endpoint ... 49

DNS addressing and custom domains ... 52

Support for DNS addressing in Global Accelerator ... 52

Route custom domain traffic to your accelerator ... 52

Bring your own IP addresses ... 53

Requirements ... 53

IP address range authorization ... 54

Provision the address range for use with AWS Global Accelerator ... 56

Advertise the address range through AWS ... 57

Deprovision the address range ... 58

Create an accelerator ... 58

Preserve client IP addresses ... 59

How to enable client IP address preservation ... 59

Benefits of client IP address preservation ... 60

How the client IP address is preserved ... 61

Best practices for client IP address preservation ... 61

Supported AWS Regions for client IP address preservation ... 63

Logging and monitoring ... 64

Flow logs ... 64

Publishing to Amazon S3 ... 64

Timing of log file delivery ... 68

Flow log record syntax ... 68

CloudWatch monitoring ... 70

Global Accelerator metrics ... 70

Metric dimensions for accelerators ... 72

Statistics for Global Accelerator metrics ... 73

View CloudWatch metrics for your accelerators ... 74

CloudTrail logging ... 75

Global Accelerator information in CloudTrail ... 76

Understanding Global Accelerator log file entries ... 76

Security ... 83

Identity and access management ... 83

Concepts and terms ... 84

Permissions required for console access, authentication management, and access control ... 85

How Global Accelerator works with IAM ... 88

Troubleshooting authentication and access control ... 89

Tag-based policies ... 90

Service-linked role for Global Accelerator ... 90

Overview of access and authentication ... 94

Secure VPC connections ... 108

Logging and monitoring ... 108

Compliance validation ... 109

Resilience ... 109

Infrastructure security ... 110

Quotas ... 111


General quotas ... 111

Quotas for endpoints per endpoint group ... 111

Related quotas ... 112

Related information ... 113

Additional AWS Global Accelerator documentation ... 113

Getting support ... 113

Tips from the Amazon Web Services Blog ... 113

Document history ... 115

AWS glossary ... 118


What is AWS Global Accelerator?

AWS Global Accelerator is a service in which you create accelerators to improve the performance of your applications for local and global users. Depending on the type of accelerator you choose, you can gain additional benefits.

• By using a standard accelerator, you can improve availability of your internet applications that are used by a global audience. With a standard accelerator, Global Accelerator directs traffic over the AWS global network to endpoints in the nearest Region to the client.

• By using a custom routing accelerator, you can map one or more users to a specific destination among many destinations.

Global Accelerator is a global service that supports endpoints in multiple AWS Regions. To determine if Global Accelerator or other services are currently supported in a specific AWS Region, see the AWS Regional Services List.

By default, Global Accelerator provides you with two static IP addresses that you associate with your accelerator. With a standard accelerator, instead of using the IP addresses that Global Accelerator provides, you can configure these entry points to be IPv4 addresses from your own IP address ranges that you bring to Global Accelerator. The static IP addresses are anycast from the AWS edge network.

Important

The static IP addresses remain assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the static IP addresses that are assigned to it, so you can no longer route traffic by using them. You can use IAM policies like tag-based permissions with Global Accelerator to limit the users who have permissions to delete an accelerator. For more information, see Tag-based policies (p. 90).

For standard accelerators, Global Accelerator uses the AWS global network to route traffic to the optimal regional endpoint based on health, client location, and policies that you configure, which increases the availability of your applications. Endpoints for standard accelerators can be Network Load Balancers, Application Load Balancers, Amazon EC2 instances, or Elastic IP addresses that are located in one AWS Region or multiple Regions. The service reacts instantly to changes in health or configuration to ensure that internet traffic from clients is always directed to healthy endpoints.

Custom routing accelerators only support virtual private cloud (VPC) subnet endpoint types and route traffic to private IP addresses in that subnet.

Topics

• AWS Global Accelerator components (p. 2)

• How AWS Global Accelerator works (p. 3)

• Types of accelerators (p. 6)

• Location and IP address ranges of Global Accelerator edge servers (p. 7)

• AWS Global Accelerator use cases (p. 7)

• AWS Global Accelerator Speed Comparison Tool (p. 8)

• How to get started with AWS Global Accelerator (p. 9)

• Tagging in AWS Global Accelerator (p. 9)


• Pricing for AWS Global Accelerator (p. 11)

AWS Global Accelerator components

AWS Global Accelerator includes the following components:

Static IP addresses

Global Accelerator provides you with a set of two static IP addresses that are anycast from the AWS edge network. If you bring your own IP address range to AWS (BYOIP) to use with Global Accelerator, you can instead assign IP addresses from your own pool to use with your accelerator. For more information, see Bring your own IP addresses (BYOIP) in AWS Global Accelerator (p. 53).

The IP addresses serve as single fixed entry points for your clients. If you already have Elastic Load Balancing load balancers, Amazon EC2 instances, or Elastic IP address resources set up for your applications, you can easily add those to a standard accelerator in Global Accelerator. This allows Global Accelerator to use static IP addresses to access the resources.

The static IP addresses remain assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the static IP addresses that are assigned to it, so you can no longer route traffic by using them. You can use IAM policies like tag-based permissions with Global Accelerator to limit the users who have permissions to delete an accelerator. For more information, see Tag-based policies (p. 90).

Accelerator

An accelerator directs traffic to endpoints over the AWS global network to improve the performance of your internet applications. Each accelerator includes one or more listeners.

There are two types of accelerators:

• A standard accelerator directs traffic to the optimal AWS endpoint based on several factors, including the user’s location, the health of the endpoint, and the endpoint weights that you configure. This improves the availability and performance of your applications. Endpoints can be Network Load Balancers, Application Load Balancers, Amazon EC2 instances, or Elastic IP addresses.

• A custom routing accelerator lets you deterministically route multiple users to a specific EC2 destination behind your accelerator, as is required for some use cases. You do this by directing users to a unique IP address and port on your accelerator, which Global Accelerator has mapped to the destination.

For more information, see Types of accelerators (p. 6).

DNS name

Global Accelerator assigns each accelerator a default Domain Name System (DNS) name, similar to a1234567890abcdef.awsglobalaccelerator.com, that points to the static IP addresses that Global Accelerator assigns to you or that you choose from your own IP address range. Depending on the use case, you can use your accelerator's static IP addresses or DNS name to route traffic to your accelerator, or set up DNS records to route traffic using your own custom domain name.

Network zone

A network zone services the static IP addresses for your accelerator from a unique IP subnet.

Similar to an AWS Availability Zone, a network zone is an isolated unit with its own set of physical infrastructure. When you configure an accelerator, by default, Global Accelerator allocates two IPv4 addresses for it. If one IP address from a network zone becomes unavailable due to IP address blocking by certain client networks, or network disruptions, then client applications can retry on the healthy static IP address from the other isolated network zone.


Listener

A listener processes inbound connections from clients to Global Accelerator, based on the port (or port range) and protocol (or protocols) that you configure. A listener can be configured for TCP, UDP, or both TCP and UDP protocols. Each listener has one or more endpoint groups associated with it, and traffic is forwarded to endpoints in one of the groups. You associate endpoint groups with listeners by specifying the Regions that you want to distribute traffic to. With a standard accelerator, traffic is distributed to optimal endpoints within the endpoint groups associated with a listener.

Endpoint group

Each endpoint group is associated with a specific AWS Region. Endpoint groups include one or more endpoints in the Region. With a standard accelerator, you can increase or reduce the percentage of traffic that would be otherwise directed to an endpoint group by adjusting a setting called a traffic dial. The traffic dial lets you easily do performance testing or blue/green deployment testing, for example, for new releases across different AWS Regions.

Endpoint

An endpoint is the resource that Global Accelerator directs traffic to.

Endpoints for standard accelerators can be Network Load Balancers, Application Load Balancers, EC2 instances, or Elastic IP addresses. An Application Load Balancer endpoint can be internet-facing or internal. Traffic for standard accelerators is routed to endpoints based on the health of the endpoint along with configuration options that you choose, such as endpoint weights. For each endpoint, you can configure weights, which are numbers that you can use to specify the proportion of traffic to route to each one. This can be useful, for example, to do performance testing within a Region.

Endpoints for custom routing accelerators are virtual private cloud (VPC) subnets with one or many Amazon EC2 instances that are the destinations for traffic.

How AWS Global Accelerator works

The static IP addresses provided by AWS Global Accelerator serve as single fixed entry points for your clients. When you set up your accelerator with Global Accelerator, you associate the static IP addresses to regional endpoints in one or more AWS Regions. For standard accelerators, the endpoints are Network Load Balancers, Application Load Balancers, Amazon EC2 instances, or Elastic IP addresses. For custom routing accelerators, endpoints are virtual private cloud (VPC) subnets with one or more EC2 instances.

The static IP addresses accept incoming traffic onto the AWS global network from the edge location that is closest to your users.

Note

If you bring your own IP address range to AWS (BYOIP) to use with Global Accelerator, you can instead assign static IP addresses from your own pool to use with your accelerator. For more information, see Bring your own IP addresses (BYOIP) in AWS Global Accelerator (p. 53).

From the edge location, traffic for your application is routed based on the type of accelerator that you configure.

• For standard accelerators, traffic is routed to the optimal AWS endpoint based on several factors, including the user’s location, the health of the endpoint, and the endpoint weights that you configure.

• For custom routing accelerators, each client is routed to a specific Amazon EC2 instance and port in a VPC subnet, based on the external static IP address and listener port that you provide.

Traffic travels over the well-monitored, congestion-free, redundant AWS global network to the endpoint.

By maximizing the time that traffic is on the AWS network, Global Accelerator ensures that traffic is always routed over the optimum network path.


With some endpoint types (in some AWS Regions (p. 63)), you have the option to preserve and access the client IP address. Two types of endpoints can preserve the source IP address of the client in incoming packets: Application Load Balancers and Amazon EC2 instances. Global Accelerator does not support client IP address preservation for Network Load Balancer and Elastic IP address endpoints. Endpoints on custom routing accelerators always have the client IP address preserved.

Global Accelerator terminates TCP connections from clients at AWS edge locations and, almost concurrently, establishes a new TCP connection with your endpoints. This gives clients faster response times (lower latency) and increased throughput.

In standard accelerators, Global Accelerator continuously monitors the health of all endpoints, and instantly begins directing traffic to another available endpoint when it determines that an active endpoint is unhealthy. This allows you to create a high-availability architecture for your applications on AWS. Health checks aren't used with custom routing accelerators and there is no failover, because you specify the destination to route traffic to.

When you add an accelerator, security groups and AWS WAF rules that you have already configured continue to work as they did before you added the accelerator.

If you want fine-grained control over your global traffic, you can configure weights for your endpoints in a standard accelerator. You can also increase (dial up) or decrease (dial down) the percentage of traffic to a particular endpoint group, for example, for performance testing or stack upgrades.

Be aware of the following when you use Global Accelerator:

IP address advertising: AWS Direct Connect does not advertise IP address prefixes for AWS Global Accelerator over a public virtual interface. We recommend that you do not advertise IP addresses that you use to communicate with Global Accelerator over your AWS Direct Connect public virtual interface.

If you advertise IP addresses that you use to communicate with Global Accelerator over your AWS Direct Connect public virtual interface, it will result in an asymmetric traffic flow: your traffic toward Global Accelerator goes to Global Accelerator over the internet, but return traffic coming to your on-premises network comes over your AWS Direct Connect public virtual interface.

IP fragmentation: IP packets that are too large to fit into a standard Ethernet frame (1500+ bytes) when transmitted across the internet or other large networks are fragmented by intermediate routers and sent individually. The TCP protocol does not require IP fragmentation because clients and endpoints automatically negotiate a smaller Maximum Segment Size (MSS). However, the UDP protocol requires IP fragmentation. When packets are fragmented, Global Accelerator forwards UDP fragments to the configured endpoint, which reassembles the original IP packet. Global Accelerator drops TCP fragments at the edge, because they are not supported by the AWS network.

Cross-account resources: When you add a resource as an endpoint in Global Accelerator, the resource cannot belong to another AWS account.

Topics

• Idle timeout in AWS Global Accelerator (p. 4)

• Static IP addresses in AWS Global Accelerator (p. 5)

• Traffic flow management with traffic dials and endpoint weights (p. 5)

• Health checks for AWS Global Accelerator (p. 6)

Idle timeout in AWS Global Accelerator

AWS Global Accelerator sets an idle timeout period that applies to its connections. If no data has been sent or received by the time that the idle timeout period elapses, Global Accelerator closes the connection. To ensure that the connection stays alive, the client or the endpoint must send at least 1 byte of data before the idle timeout period elapses.


The Global Accelerator idle timeout for a network connection depends on the type of connection:

• The timeout is 340 seconds for TCP connections.

• The timeout is 30 seconds for UDP connections.

Global Accelerator continues to direct traffic to an endpoint until the idle timeout is met, even if the endpoint is marked as unhealthy. Global Accelerator selects a new endpoint, if needed, only when a new connection starts or after an idle timeout.

Static IP addresses in AWS Global Accelerator

You use the static IP addresses that Global Accelerator assigns to your accelerator—or that you specify from your own IP address pool, for standard accelerators—to route internet traffic to the AWS global network close to where your users are, regardless of their location. For standard accelerators, you associate the addresses with Network Load Balancers, Application Load Balancers, Amazon EC2 instances, or Elastic IP addresses that run in a single AWS Region or multiple Regions. For custom routing accelerators, you direct traffic to EC2 destinations in VPC subnets in one or more Regions. Routing traffic through the AWS global network improves availability and performance because traffic doesn't have to take multiple hops over the public internet. Using static IP addresses also lets you distribute incoming application traffic across multiple endpoint resources in multiple AWS Regions.

In addition, using static IP addresses makes it easier to add your application to more Regions or to migrate applications between Regions. Using fixed IP addresses means that users have a consistent way to connect to your application as you make changes.

If you like, you can associate your own custom domain name with the static IP addresses for your accelerator. For more information, see Route custom domain traffic to your accelerator (p. 52).

Global Accelerator provides the static IP addresses for you from the Amazon pool of IP addresses, unless you bring your own IP address range to AWS, and then specify the static IP addresses from that pool. (For more information, see Bring your own IP addresses (BYOIP) in AWS Global Accelerator (p. 53).)

To create an accelerator on the console, the first step is to prompt Global Accelerator to provision the static IP addresses by entering a name for your accelerator or choose your own static IP addresses. To see the steps for creating an accelerator, see Getting started with AWS Global Accelerator (p. 12).

The static IP addresses remain assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the static IP addresses that are assigned to it, so you can no longer route traffic by using them. You can use IAM policies like tag-based permissions with Global Accelerator to limit the users who have permissions to delete an accelerator. For more information, see Tag-based policies (p. 90).

Traffic flow management with traffic dials and endpoint weights

There are two ways that you can customize how AWS Global Accelerator sends traffic to your endpoints with a standard accelerator:

• Change the traffic dial to limit the traffic for one or more endpoint groups

• Specify weights to change the proportion of traffic to the endpoints in a group

How traffic dials work

For each endpoint group in a standard accelerator, you can set a traffic dial to control the percentage of traffic that is sent to the endpoint group. The percentage is applied only to traffic that is already directed to the endpoint group, not to all listener traffic.


The traffic dial limits the portion of traffic that an endpoint group accepts, expressed as a percentage of traffic directed to that endpoint group. For example, if you set the traffic dial for an endpoint group in us-east-1 to 50 (that is, 50%) and the accelerator directs 100 user requests to that endpoint group, only 50 requests are accepted by the group. The accelerator directs the remaining 50 requests to endpoint groups in other Regions.

For more information, see Adjusting traffic flow with traffic dials (p. 29).

How weights work

For each endpoint in a standard accelerator, you can specify weights, which are numbers that change the proportion of traffic that the accelerator routes to each endpoint. This can be useful, for example, to do performance testing within a Region.

A weight is a value that determines the proportion of traffic that the accelerator directs to an endpoint. By default, the weight for an endpoint is 128—that is, half of the maximum value for a weight, 255.

The accelerator calculates the sum of the weights for the endpoints in an endpoint group, and then directs traffic to the endpoints based on the ratio of each endpoint's weight to the total. For an example of how weights work, see Endpoint weights (p. 34).

Traffic dials and weights affect how the standard accelerator serves traffic in different ways:

• You configure traffic dials for endpoint groups. The traffic dial lets you cut off a percentage of traffic—or all traffic—to the group, by "dialing down" traffic that the accelerator has already directed to it based on other factors, such as proximity.

• You use weights, on the other hand, to set values for individual endpoints within an endpoint group. Weights provide a way to divide up traffic within the endpoint group. For example, you can use weights to do performance testing for specific endpoints in a Region.

Note

For more information about how traffic dials and weights affect failover, see Failover for unhealthy endpoints (p. 35).

Health checks for AWS Global Accelerator

For standard accelerators, AWS Global Accelerator automatically checks the health of the endpoints that are associated with your static IP addresses, and then directs user traffic only to healthy endpoints.

Global Accelerator includes default health checks that are run automatically, but you can configure the timing for the checks and other options. If you've configured custom health check settings, Global Accelerator uses those settings in specific ways, depending on your configuration. You configure those settings in Global Accelerator for Amazon EC2 instance or Elastic IP address endpoints or by configuring settings on the Elastic Load Balancing console for Network Load Balancers or Application Load Balancers.

For more information, see Changing health check options (p. 31).

When you add an endpoint to a standard accelerator, it must pass a health check to be considered healthy before traffic is directed to it. If Global Accelerator doesn’t have any healthy endpoints to route traffic to in a standard accelerator, it routes requests to all endpoints.

Types of accelerators

There are two types of accelerators that you can use with AWS Global Accelerator: standard accelerators and custom routing accelerators. Both types of accelerators route traffic over the AWS global network to improve performance and stability, but they're each designed for different application needs.


Standard accelerator

By using a standard accelerator, you can improve the availability and performance of your applications running on Application Load Balancers, Network Load Balancers, or Amazon EC2 instances. With a standard accelerator, Global Accelerator routes client traffic across regional endpoints based on geo-proximity and endpoint health. It also allows customers to shift client traffic across endpoints based on controls such as traffic dials and endpoint weights. This works for a wide variety of use cases, including blue/green deployment, A/B testing, and multi-Region deployment.

To see more use cases, see AWS Global Accelerator use cases (p. 7).

To learn more, see Work with standard accelerators in AWS Global Accelerator (p. 22).

Custom routing accelerator

Custom routing accelerators work well for scenarios where you want to use custom application logic to direct one or more users to a specific destination and port among many, while still gaining the performance benefits of Global Accelerator. One example is VoIP applications that assign multiple callers to a specific media server to start voice, video, and messaging sessions. Another example is online real-time gaming applications where you want to assign multiple players to a single session on a game server based on factors such as geographic location, player skill, and game mode.

To learn more, see Work with custom routing accelerators in AWS Global Accelerator (p. 39).

Based on your specific needs, you create one of these types of accelerators to accelerate your customer traffic.

Location and IP address ranges of Global Accelerator edge servers

For a list of Global Accelerator edge server locations, see Global Edge Network on the AWS Global Accelerator features page.

AWS publishes its current IP address ranges in JSON format. To view the current ranges, download ip-ranges.json. For more information, see AWS IP address ranges in the Amazon Web Services General Reference.

To find the IP address ranges that are associated with AWS Global Accelerator edge servers, search ip-ranges.json for the following string:

"service": "GLOBALACCELERATOR"

Global Accelerator entries that include "region": "GLOBAL" refer to the static IP addresses that are allocated to accelerators. If you want to filter for traffic through your accelerator that comes from points of presence (POPs) in one area, filter for entries that include a specific geographical area, such as us-* or eu-*. So, for example, if you filter for us-*, you will see only traffic coming through POPs in the United States (U.S.).
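The filtering described above, as an added example that is not part of the AWS guide: it separates the "GLOBAL" static-address ranges from the regional edge ranges and attributes a logged source address to one of them. The sample document is constructed in the layout of ip-ranges.json using documentation address ranges, and the function names are hypothetical.

```python
import fnmatch
import ipaddress
import json

# Constructed sample in the layout of ip-ranges.json. The CIDRs are RFC 5737
# documentation ranges, not real AWS prefixes. As in the real file, one range
# can appear under a broad service (AMAZON) as well as a specific one.
SAMPLE_IP_RANGES = json.loads("""
{
  "syncToken": "0",
  "createDate": "1970-01-01-00-00-00",
  "prefixes": [
    {"ip_prefix": "192.0.2.0/25", "region": "GLOBAL",
     "service": "GLOBALACCELERATOR", "network_border_group": "GLOBAL"},
    {"ip_prefix": "198.51.100.0/26", "region": "us-east-1",
     "service": "GLOBALACCELERATOR", "network_border_group": "us-east-1"},
    {"ip_prefix": "198.51.100.64/26", "region": "us-west-2",
     "service": "GLOBALACCELERATOR", "network_border_group": "us-west-2"},
    {"ip_prefix": "203.0.113.0/26", "region": "eu-west-1",
     "service": "GLOBALACCELERATOR", "network_border_group": "eu-west-1"},
    {"ip_prefix": "203.0.113.128/25", "region": "us-east-1",
     "service": "EC2", "network_border_group": "us-east-1"},
    {"ip_prefix": "198.51.100.0/24", "region": "us-east-1",
     "service": "AMAZON", "network_border_group": "us-east-1"}
  ]
}
""")

GA_SERVICE = "GLOBALACCELERATOR"


def ga_prefixes(doc, region_glob):
    """Return sorted IPv4 networks tagged GLOBALACCELERATOR whose region
    matches region_glob (for example "GLOBAL", "us-*" or "eu-*")."""
    nets = {
        ipaddress.ip_network(entry["ip_prefix"])
        for entry in doc.get("prefixes", [])
        if entry.get("service") == GA_SERVICE
        and fnmatch.fnmatchcase(entry.get("region", ""), region_glob)
    }
    return sorted(nets)


def static_ip_ranges(doc):
    """Ranges that the static accelerator addresses are allocated from."""
    return ga_prefixes(doc, "GLOBAL")


def classify(address, doc):
    """Return the region label of the Global Accelerator range containing
    address, or None when the address is not in any Global Accelerator range.
    Entries for other services are ignored, so an address that is only inside
    a broad AMAZON range is not attributed to Global Accelerator."""
    ip = ipaddress.ip_address(address)
    for entry in doc.get("prefixes", []):
        if entry.get("service") != GA_SERVICE:
            continue
        if ip in ipaddress.ip_network(entry["ip_prefix"]):
            return entry["region"]
    return None


if __name__ == "__main__":
    print("static:", [str(n) for n in static_ip_ranges(SAMPLE_IP_RANGES)])
    print("us-*:  ", [str(n) for n in ga_prefixes(SAMPLE_IP_RANGES, "us-*")])
    # Constructed source addresses, as they might appear in a flow log.
    for src in ("192.0.2.10", "198.51.100.70", "198.51.100.200"):
        print(src, "->", classify(src, SAMPLE_IP_RANGES))
```

To run it against the published file, load the downloaded ip-ranges.json with json.load and pass the result in place of SAMPLE_IP_RANGES.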

AWS Global Accelerator use cases

Using AWS Global Accelerator can help you accomplish a variety of goals. This section lists some of them, to give you an idea how you can use Global Accelerator to meet your needs.

Scale for increased application utilization

When application usage grows, the number of IP addresses and endpoints that you need to manage also increases. Global Accelerator enables you to scale your network up or down. It lets you associate regional resources, such as load balancers and Amazon EC2 instances, to two static IP addresses. You include these addresses on allow lists just once in your client applications, firewalls, and DNS records. With Global Accelerator, you can add or remove endpoints in AWS Regions, run blue/green deployment, and do A/B testing without having to update the IP addresses in your client applications. This is particularly useful for IoT, retail, media, automotive, and healthcare use cases in which you can't easily update client applications frequently.

Acceleration for latency-sensitive applications

Many applications, especially in areas such as gaming, media, mobile apps, and financials, require very low latency for a great user experience. To improve the user experience, Global Accelerator directs user traffic to the application endpoint that is nearest to the client, which reduces internet latency and jitter. Global Accelerator routes traffic to the closest edge location by using Anycast, and then routes it to the closest regional endpoint over the AWS global network. Global Accelerator quickly reacts to changes in network performance to improve your users’ application performance.

Disaster recovery and multi-Region resiliency

You must be able to rely on your network to be available. You might be running your application across multiple AWS Regions to support disaster recovery, higher availability, lower latency, or compliance. If Global Accelerator detects that your application endpoint is failing in the primary AWS Region, it instantly triggers traffic re-routing to your application endpoint in the next available, closest AWS Region.

Protect your applications

Exposing your AWS origins, such as Application Load Balancers or Amazon EC2 instances, to public internet traffic creates an opportunity for malicious attacks. Global Accelerator decreases the risk of attack by masking your origin behind two static entry points. These entry points are protected by default from Distributed Denial of Service (DDoS) attacks with AWS Shield. Global Accelerator creates a peering connection with your Amazon Virtual Private Cloud using private IP addresses, keeping connections to your internal Application Load Balancers or private EC2 instances off the public internet.

Improve performance for VoIP or online gaming applications

Using a custom routing accelerator, you can leverage the performance benefits of Global Accelerator for your VoIP or gaming applications. For example, you can use Global Accelerator for online gaming applications that assign multiple players to a single gaming session. Use Global Accelerator to reduce latency and jitter globally for applications that require custom logic to map users to specific endpoints, such as multiplayer games or VoIP calls. You can use a single accelerator to connect clients to thousands of Amazon EC2 instances running in a single or multiple AWS Regions, while retaining full control over which client is directed to which EC2 instance and port.

AWS Global Accelerator Speed Comparison Tool

You can use the AWS Global Accelerator Speed Comparison Tool to see Global Accelerator download speeds compared to direct internet downloads, across AWS Regions. This tool enables you to use your browser to see the performance difference when you transfer data using Global Accelerator. You choose a file size to download, and the tool downloads files over HTTPS/TCP from Application Load Balancers in different Regions to your browser. For each Region, you see a direct comparison of the download speeds.

To access the Speed Comparison Tool, copy the following URL into your browser:

https://speedtest.globalaccelerator.aws

Important

Results may differ when you run the test multiple times. Download times can vary based on factors that are external to Global Accelerator, such as the quality, capacity, and distance of the connection in the last-mile network that you're using.


How to get started with AWS Global Accelerator

You can get started with setting up AWS Global Accelerator by using the API or by using the AWS Global Accelerator console. Because Global Accelerator is a global service, it’s not tied to a specific AWS Region.

Note that Global Accelerator is a global service that supports endpoints in multiple AWS Regions but you must specify the US West (Oregon) Region to create or update accelerators.

To get started using Global Accelerator, you follow these general steps:

1. Choose the type of accelerator that you want to create: a standard accelerator or a custom routing accelerator.

2. Configure the initial setup for Global Accelerator: Provide a name for your accelerator. Then configure one or more listeners to process inbound connections from clients, based on the protocol and port (or port range) that you specify.

3. Configure regional endpoint groups for your accelerator: You can select one or more regional endpoint groups to add to your listener. The listener routes requests to the endpoints that you've added to an endpoint group.

For a standard accelerator, Global Accelerator monitors the health of endpoints within the group by using the health check settings that are defined for each of your endpoints. For each endpoint group in a standard accelerator, you can configure a traffic dial percentage to control the percentage of traffic that an endpoint group will accept. The percentage is applied only to traffic that is already directed to the endpoint group, not all listener traffic. By default, the traffic dial is set to 100% for all regional endpoint groups.

For a custom routing accelerator, traffic is deterministically routed to a specific destination in a VPC subnet, based on the listener port that the traffic is received on.

4. Add endpoints to endpoint groups: The endpoints that you add depend on the type of accelerator.

• For a standard accelerator, you can add one or more regional resources, such as load balancers or EC2 instance endpoints, to each endpoint group. Next, you can decide how much traffic you want to route to each endpoint by setting endpoint weights.

• For a custom routing accelerator, you add one or more virtual private cloud (VPC) subnets with up to thousands of Amazon EC2 instance destinations.

For detailed steps about how to create a standard accelerator or a custom routing accelerator using the AWS Global Accelerator console, see Getting started with AWS Global Accelerator (p. 12). To work with API operations, see Common actions that you can use with AWS Global Accelerator (p. 20) and the AWS Global Accelerator API Reference.

Tagging in AWS Global Accelerator

Tags are words or phrases (metadata) that you use to identify and organize your AWS resources. You can add multiple tags to each resource, and each tag includes a key and a value that you define. For example, the key might be environment and the value might be production. You can search and filter your resources based on the tags you add. In AWS Global Accelerator, you can tag accelerators.

The following are two examples of how it can be useful to work with tags in Global Accelerator:

• Use tags to track billing information in different categories. To do this, apply tags to accelerators or other AWS resources (such as Network Load Balancers, Application Load Balancers, or Amazon EC2 instances) and activate the tags. Then AWS generates a cost allocation report as a comma-separated value (CSV) file with your usage and costs aggregated by your active tags. You can apply tags that represent business categories (such as cost centers, application names, or owners) to organize your costs across multiple services. For more information, see Using Cost Allocation Tags in the AWS Billing and Cost Management User Guide.

• Use tags to enforce tag-based permissions for accelerators. To do this, create IAM policies that specify tags and tag values to allow or disallow actions. For more information, see Tag-based policies (p. 90).

For usage conventions and links to other resources about tagging, see Tagging AWS resources in the AWS General Reference. For tips on using tags, see Tagging Best Practices: AWS Resource Tagging Strategy in the AWS Whitepapers blog.

For the maximum number of tags that you can add to a resource in Global Accelerator, see Quotas for AWS Global Accelerator (p. 111).

You can add and update tags by using the AWS console, AWS CLI, or Global Accelerator API. This chapter includes steps for working with tagging in the console. For more information about working with tags by using the AWS CLI and the Global Accelerator API, including CLI examples, see the following operations in the AWS Global Accelerator API Reference:

• CreateAccelerator

• TagResource

• UntagResource

• ListTagsForResource

Tagging support in Global Accelerator

AWS Global Accelerator supports tagging for accelerators.

Global Accelerator supports the tag-based access control feature of AWS Identity and Access Management (IAM). For more information, see Tag-based policies (p. 90).

Adding, editing, and deleting tags in Global Accelerator

The following procedure explains how to add, edit, and delete tags for accelerators in the Global Accelerator console.

Note

You can add or remove tags using the console, the AWS CLI, or Global Accelerator API operations. For more information, including CLI examples, see TagResource in the AWS Global Accelerator API Reference.

To add, edit, or delete tags in Global Accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.

2. Choose the accelerator that you want to add or update tags for.

3. In the Tags section, you can do the following:

Add a tag

Choose Add tag, then enter a key and, optionally, a value for the tag.

Edit a tag

Update the text for a key, value, or both. You can also clear the value for a tag, but the key is required.


Delete a tag

Choose Remove on the right side of the value field.

4. Choose Save changes.

Pricing for AWS Global Accelerator

With AWS Global Accelerator, you pay only for what you use. You are charged an hourly rate and data transfer costs for each accelerator in your account. For more information, see AWS Global Accelerator Pricing.


Getting started with AWS Global Accelerator

These tutorials provide the steps for getting started with AWS Global Accelerator using the console.

You can also use AWS Global Accelerator API operations to create and customize your accelerators.

At each step in this tutorial, there's a link to the corresponding API operation for completing the task programmatically. (When you set up a custom routing accelerator, you must use the API for certain configuration steps.) For more information about working with AWS Global Accelerator API operations, see the AWS Global Accelerator API Reference.

Tip

To explore how you can use Global Accelerator to improve performance and availability for web applications, check out the following self-paced workshop: AWS Global Accelerator Workshop.

Global Accelerator is a global service that supports endpoints in multiple AWS Regions, which are listed in the AWS Region Table.

This chapter includes two tutorials: one for creating a standard accelerator and one for creating a custom routing accelerator. To learn more about the two types of accelerators, see Work with standard accelerators in AWS Global Accelerator (p. 22) and Work with custom routing accelerators in AWS Global Accelerator (p. 39).

Topics

• Getting started with a standard accelerator (p. 12)

• Getting started with a custom routing accelerator (p. 16)

Getting started with a standard accelerator

This section provides steps for creating a standard accelerator that routes traffic to an optimal endpoint.

Tasks

• Before you begin (p. 12)

• Step 1: Create an accelerator (p. 13)

• Step 2: Add listeners (p. 13)

• Step 3: Add endpoint groups (p. 14)

• Step 4: Add endpoints (p. 14)

• Step 5: Test your accelerator (p. 15)

• Step 6 (optional): Delete your accelerator (p. 15)

Before you begin

Before you create an accelerator, create at least one resource that you can add as an endpoint to direct traffic to. For example, create one of the following:


• Launch at least one Amazon EC2 instance to add as an endpoint. For more information, see Create your EC2 resources and launch your EC2 instance in the Amazon EC2 User Guide for Linux Instances.

• Optionally, create one or more Network Load Balancers or Application Load Balancers that include EC2 instances. For more information, see Create a Network Load Balancer Application Load Balancer in the User Guide for Network Load Balancers.

When you create a resource to add to Global Accelerator, be aware of the following:

• When you add an internal Application Load Balancer or an EC2 instance endpoint in Global Accelerator, you enable internet traffic to flow directly to and from the endpoint in virtual private clouds (VPCs) by targeting it in a private subnet. The VPC that contains the load balancer or EC2 instance must have an internet gateway attached to it, to indicate that the VPC accepts internet traffic. For more information, see Secure VPC connections in AWS Global Accelerator (p. 108).

• Global Accelerator requires your router and firewall rules to allow inbound traffic from the IP addresses associated with Route 53 health checkers to complete health checks for EC2 instance or Elastic IP address endpoints. You can find information about the IP address ranges associated with Amazon Route 53 health checkers in Health Checks for Your Target Groups in the Amazon Route 53 Developer Guide.

Step 1: Create an accelerator

To create your accelerator, you enter a name.

Note

To complete this task by using an API operation instead of the console, see CreateAccelerator in the AWS Global Accelerator API Reference.

To create an accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.

2. Choose Create accelerator.

3. Provide a name for your accelerator.

4. Optionally, add one or more tags to help you identify your Global Accelerator resources.

5. Choose Next.

Step 2: Add listeners

Create a listener to process inbound connections from your users to Global Accelerator.

Note

To complete this task by using an API operation instead of the console, see CreateListener in the AWS Global Accelerator API Reference.

To create a listener

1. On the Add listener page, enter the ports or port ranges that you want to associate with the listener. Listeners support ports 1-65535.

2. Choose the protocol or protocols for the ports that you entered.

3. Optionally, choose to enable client affinity. Client affinity for a listener means that Global Accelerator ensures that connections from a specific source (client) IP address are always routed to the same endpoint. To enable this behavior, in the dropdown list, choose Source IP.

The default is None, which means that client affinity is not enabled and Global Accelerator distributes traffic equally between the endpoints in the endpoint groups for the listener.


For more information, see Client affinity (p. 27).

4. Optionally, choose Add listener to add an additional listener.

5. When you're finished adding listeners, choose Next.

Step 3: Add endpoint groups

Add one or more endpoint groups, each of which is associated with a specific AWS Region.

Note

To complete this task by using an API operation instead of the console, see CreateEndpointGroup in the AWS Global Accelerator API Reference.

To add an endpoint group

1. On the Add endpoint groups page, in the section for a listener, choose a Region from the dropdown list.

2. Optionally, for Traffic dial, enter a number from 0 to 100 to set a percentage of traffic for this endpoint group. The percentage is applied only to the traffic already directed to this endpoint group, not all listener traffic. By default, the traffic dial for an endpoint group is set to 100 (that is, 100%).

3. Optionally, for custom health check values, choose Configure health checks. When you configure health check settings, Global Accelerator uses the settings for health checks for EC2 instance and Elastic IP address endpoints. For Network Load Balancer and Application Load Balancer endpoints, Global Accelerator uses the health check settings that you've already configured for the load balancers themselves. For more information, see Changing health check options (p. 31).

4. Optionally, choose Add endpoint group to add additional endpoint groups for this listener or other listeners.

5. Choose Next.

Step 4: Add endpoints

Add one or more endpoints that are associated with specific endpoint groups. This step isn't required, but no traffic is directed to endpoints in a Region unless the endpoints are included in an endpoint group.

Note

If you're creating your accelerator programmatically, you add endpoints as part of adding endpoint groups. For more information, see CreateEndpointGroup in the AWS Global Accelerator API Reference.

To add endpoints

1. On the Create endpoints page, in the section for an endpoint, choose an Endpoint.

2. Optionally, for Weight, enter a number from 0 to 255 to set a weight for routing traffic to this endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. By default, all endpoints have a weight of 128. For more information, see Endpoint weights (p. 34).

3. Optionally, for an Application Load Balancer endpoint, under Preserve client IP address, select Preserve address. For more information, see Preserve client IP addresses in AWS Global Accelerator (p. 59).

4. Optionally, choose Add endpoint to add more endpoints.

5. Choose Next.


After you choose Next, on the Global Accelerator dashboard you'll see a message that your accelerator is in progress. When the process is finished, the accelerator status in the dashboard is Active.

Step 5: Test your accelerator

Take steps to test your accelerator to make sure that traffic is being directed to your endpoints. For example, run a curl command such as the following, substituting one of your accelerator's static IP addresses, to show the AWS Regions where requests are processed. This is especially helpful if you set different weights for endpoints or adjust the traffic dial on endpoint groups.

Run a curl command like the following, substituting one of your accelerator's static IP addresses, to call the IP address 100 times and then output a count of where each request was processed.

for ((i=0;i<100;i++)); do curl http://198.51.100.0/ >> output.txt; done; cat output.txt | sort | uniq -c ; rm output.txt;

If you've adjusted the traffic dial on any endpoint groups, this command can help you confirm that your accelerator is directing the correct percentages of traffic to different groups. For more information, see the detailed examples in the following blog post, Traffic management with AWS Global Accelerator.
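The following is an added example, not part of the AWS guide: a POSIX shell variant of the check above that records failed requests instead of dropping them and compares the observed share per Region with the percentages you configured. It assumes each endpoint returns a one-line body naming its Region; the function names, Region labels, tolerance, and sample data are constructed for illustration.

```shell
# Added example (not from the AWS guide). Assumption: every endpoint answers
# with a one-line body that names the Region that processed the request.

# sample_accelerator URL [COUNT]: print one line per request. A request that
# fails or times out is recorded as FAILED so that it still shows in the tally.
sample_accelerator() (
  url=$1
  count=${2:-100}
  i=0
  while [ "$i" -lt "$count" ]; do
    if body=$(curl --silent --fail --max-time 5 "$url"); then
      printf '%s\n' "$body" | head -n 1
    else
      printf 'FAILED\n'
    fi
    i=$((i + 1))
  done
)

# check_distribution "label=percent ..." TOLERANCE: read one label per line on
# stdin and print observed versus expected share for each label. Returns 1 when
# a label deviates by more than TOLERANCE percentage points, when a label that
# is not in the spec appears, or when there are no samples at all.
check_distribution() {
  awk -v spec="$1" -v tol="$2" '
    BEGIN {
      n = split(spec, pairs, " ")
      for (i = 1; i <= n; i++) { split(pairs[i], kv, "="); expected[kv[1]] = kv[2] }
    }
    {
      sub(/\r$/, "")                    # tolerate CRLF response bodies
      if ($0 == "") $0 = "EMPTY"        # count empty bodies instead of hiding them
      seen[$0]++; total++
    }
    END {
      if (total == 0) { print "no samples"; exit 1 }
      bad = 0
      for (label in expected) {
        pct = 100 * seen[label] / total
        diff = pct - expected[label]; if (diff < 0) diff = -diff
        verdict = (diff <= tol) ? "ok" : "DEVIATES"
        if (verdict != "ok") bad = 1
        printf "%-12s observed %5.1f%% expected %5.1f%% %s\n", label, pct, expected[label], verdict
      }
      for (label in seen) if (!(label in expected)) {
        printf "%-12s observed %5.1f%% UNEXPECTED\n", label, 100 * seen[label] / total
        bad = 1
      }
      exit bad
    }'
}

# Constructed sample standing in for 100 responses (not real measurements):
# 73 from us-west-2, 25 from eu-west-1, and 2 failed requests.
constructed_sample() (
  i=0
  while [ "$i" -lt 100 ]; do
    if [ "$i" -lt 73 ]; then echo us-west-2
    elif [ "$i" -lt 98 ]; then echo eu-west-1
    else echo FAILED
    fi
    i=$((i + 1))
  done
)

# Offline:  constructed_sample | check_distribution "us-west-2=75 eu-west-1=25 FAILED=0" 5
# Live:     sample_accelerator http://198.51.100.0/ 100 | check_distribution "us-west-2=75 eu-west-1=25 FAILED=0" 5
```

Listing FAILED=0 in the spec makes failed requests count against the tolerance; leaving it out makes any failure report as UNEXPECTED and fail the check.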

Step 6 (optional): Delete your accelerator

If you created an accelerator as a test or if you're no longer using an accelerator, you can delete it. On the console, disable the accelerator, and then you can delete it. You don't have to remove listeners and endpoint groups from the accelerator.

To delete an accelerator by using an API operation instead of the console, you must first remove all listeners and endpoint groups that are associated with the accelerator as well as disable it. For more information, see the DeleteAccelerator operation in the AWS Global Accelerator API Reference.

Be aware of the following when you remove endpoints or endpoint groups, or delete an accelerator:

• When you create an accelerator, Global Accelerator provides you with a set of two static IP addresses. The IP addresses are assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the static IP addresses that are assigned to the accelerator, so you can no longer route traffic by using them. As a best practice, ensure that you have permissions in place to avoid inadvertently deleting accelerators. You can use IAM policies with Global Accelerator, for example, tag-based permissions, to limit the users who have permissions to delete an accelerator. For more information, see Tag-based policies (p. 90).

• If you terminate an EC2 instance before you remove it from an endpoint group in Global Accelerator, and then you create another instance with the same private IP address, and health checks pass, Global Accelerator will route traffic to the new endpoint. If you don't want this to happen, remove the EC2 instance from the endpoint group before you terminate the instance.

To delete an accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.

2. Choose the accelerator that you want to delete.

3. Choose Edit.

4. Choose Disable accelerator, and then choose Save.

5. Choose the accelerator that you want to delete.

6. Choose Delete accelerator.

7. In the confirmation dialog box, choose Delete.


Getting started with a custom routing accelerator

This section provides steps for creating a custom routing accelerator that routes traffic deterministically to Amazon EC2 instance destinations in virtual private cloud (VPC) subnet endpoints.

Tasks

• Before you begin (p. 16)

• Step 1: Create a custom routing accelerator (p. 16)

• Step 2: Add listeners (p. 16)

• Step 3: Add endpoint groups (p. 17)

• Step 4: Add endpoints (p. 17)

• Step 5 (optional): Delete your accelerator (p. 18)

Before you begin

Before you create a custom routing accelerator, create a resource that you can add as an endpoint to direct traffic to. A custom routing accelerator endpoint must be a virtual private cloud (VPC) subnet, which can include multiple Amazon EC2 instances. For instructions for creating the resources, see the following:

• Create a VPC subnet. For more information, see Create and Configure Your VPC in the AWS Directory Service Administration Guide.

• Optionally, launch one or more Amazon EC2 instances in your VPC. For more information, see Create your EC2 resources and launch your EC2 instance in the Amazon EC2 User Guide for Linux Instances.

When you create a resource to add to Global Accelerator, be aware of the following:

• When you add an EC2 instance endpoint in Global Accelerator, you enable internet traffic to flow directly to and from the endpoint in VPCs by targeting it in a private subnet. The VPC that contains the EC2 instance must have an internet gateway attached to it, to indicate that the VPC accepts internet traffic. For more information, see Secure VPC connections in AWS Global Accelerator (p. 108).

Step 1: Create a custom routing accelerator

Note

To complete this task by using an API operation instead of the console, see CreateCustomRoutingAccelerator in the AWS Global Accelerator API Reference.

To create an accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.

2. Provide a name for your accelerator.

3. For Accelerator type, select Custom routing.

4. Optionally, add one or more tags to help you identify your accelerator resources.

5. Choose Next to add listeners, endpoint groups, and VPC subnet endpoints.

Step 2: Add listeners

Create a listener to process inbound connections from your users to Global Accelerator.


The range that you specify when you create a listener defines how many listener port and destination IP address combinations you can use with your custom routing accelerator. For maximum flexibility, we recommend that you specify a large port range. Each listener port range that you specify must include a minimum of 16 ports.

Note

To complete this task by using an API operation instead of the console, see CreateCustomRoutingListener in the AWS Global Accelerator API Reference.

To create a listener

1. On the Add listener page, enter the ports or port ranges that you want to associate with the listener. Listeners support ports 1-65535.

2. Choose the protocol or protocols for the ports that you entered.

3. Optionally, choose Add listener to add an additional listener.

4. When you're finished adding listeners, choose Next.

Step 3: Add endpoint groups

Add one or more endpoint groups, each of which is associated with a specific AWS Region. For each endpoint group, specify one or more sets of port ranges and protocols. Global Accelerator uses these to direct traffic to Amazon EC2 instances in subnets in the Region.

For each port range that you provide, you also specify the protocol to use: UDP, TCP, or both UDP and TCP.

Note

To complete this task by using an API operation instead of the console, see CreateCustomRoutingEndpointGroup in the AWS Global Accelerator API Reference.

To add an endpoint group

1. On the Add endpoint groups page, in the section for a listener, choose a Region.

2. For Ports and protocols sets, enter port ranges and protocols for your Amazon EC2 instances.

• Enter a From port and a To port to specify a range of ports.

• For each port range, specify the protocol or protocols for that range.

The port range doesn't have to be a subset of your listener port range, but there must be enough total ports in the listener port range to support the total number of ports that you specify.

3. Choose Save.

4. Optionally, choose Add endpoint group to add additional endpoint groups for this listener or other listeners.

5. Choose Next.

Step 4: Add VPC subnet endpoints

Add one or more virtual private cloud (VPC) subnet endpoints for this regional endpoint group.

Endpoints for custom routing accelerators define the VPC subnets that can receive traffic through a custom routing accelerator. Each subnet can contain one or many Amazon EC2 instance destinations.

When you add a VPC subnet endpoint, Global Accelerator generates new port mappings that you can use to route traffic to the destination EC2 instance IP addresses in the subnet. Then you can use the Global Accelerator API to get a static list of all the port mappings for the subnet, and use the mapping to deterministically direct traffic to specific EC2 instances.

Note

The steps here show how to add endpoints in the console. If you're creating your accelerator programmatically, you add endpoints with endpoint groups. For more information, see CreateCustomRoutingEndpointGroup in the AWS Global Accelerator API Reference.

To add endpoints

1. On the Add endpoints page, in the section for the endpoint group that you want to add the endpoint to, choose a subnet ID for Endpoint.

2. Optionally, do one of the following to enable traffic to EC2 instance destinations in the subnet:

• To allow traffic to be directed to all EC2 endpoints and ports on the subnet, select Allow all traffic.

• To allow traffic to specific EC2 endpoints and ports on the subnet, select Allow traffic to specific destination socket addresses. Then specify the IP addresses and ports or port ranges to allow. Finally, choose Allow these destinations.

By default, no traffic is allowed to subnet endpoints. If you don't select an option to allow traffic, traffic is denied to all destinations in the subnet.

Note

If you want to enable traffic to specific EC2 instances and ports in the subnet, you can do that programmatically. For more information, see AllowCustomRoutingTraffic in the AWS Global Accelerator API Reference.

3. Choose Next.

After you choose Next, on the Global Accelerator dashboard you'll see a message that your accelerator is in progress. When the process is finished, the accelerator status in the dashboard is Active.

Step 5 (optional): Delete your accelerator

If you created an accelerator as a test or if you're no longer using an accelerator, you can delete it. On the console, disable the accelerator, and then you can delete it. You don't have to remove listeners and endpoint groups from the accelerator.

To delete an accelerator by using an API operation instead of the console, you must first remove all listeners and endpoint groups that are associated with the accelerator as well as disable it. For more information, see the DeleteCustomRoutingAccelerator operation in the AWS Global Accelerator API Reference.

Be aware of the following when you delete an accelerator:

• When you create an accelerator, Global Accelerator provides you with a set of two static IP addresses. The IP addresses are assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the static IP addresses that are assigned to the accelerator, so you can no longer route traffic by using them. As a best practice, ensure that you have permissions in place to avoid inadvertently deleting accelerators. You can use IAM policies like tag-based permissions with Global Accelerator to limit the users who have permissions to delete an accelerator. For more information, see Tag-based policies (p. 90).

To delete an accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.


2. Choose the accelerator that you want to delete.

3. Choose Edit.

4. Choose Disable accelerator, and then choose Save.

5. Choose the accelerator that you want to delete.

6. Choose Delete accelerator.

7. In the confirmation dialog box, choose Delete.


Common actions that you can use with AWS Global Accelerator

This section lists common AWS Global Accelerator actions that you can use with Global Accelerator resources, with links to relevant documentation.

Actions to use with standard resources

The following table lists common Global Accelerator actions that you can use with Global Accelerator standard accelerators, with links to relevant documentation.

| Action | Using the Global Accelerator Console | Using the Global Accelerator API |
| --- | --- | --- |
| Create a standard accelerator | See Getting started with a standard accelerator (p. 12) | See CreateAccelerator |
| Create a listener for a standard accelerator | See Listeners for standard accelerators in AWS Global Accelerator (p. 26) | See CreateListener |
| Create an endpoint group for a standard accelerator | See Endpoint groups for standard accelerators in AWS Global Accelerator (p. 28) | See CreateEndpointGroup |
| Update a standard accelerator | See Standard accelerators in AWS Global Accelerator (p. 22) | See UpdateAccelerator |
| List your accelerators | See Viewing your accelerators (p. 24) | See ListAccelerator |
| Get all information about an accelerator | See Viewing your accelerators (p. 24) | See DescribeAccelerator |
| Delete an accelerator | See Creating or updating a standard accelerator (p. 23) | See DeleteAccelerator |

Actions to use with custom routing resources

The following table lists common Global Accelerator actions that you can use with custom routing accelerators, with links to relevant documentation.

| Action | Using the Global Accelerator Console | Using the Global Accelerator API |
| --- | --- | --- |
| Create a custom routing accelerator | See Getting started with a custom routing accelerator (p. 16) | See CreateCustomRoutingAccelerator |
| Create a listener for a custom routing accelerator | See Listeners for custom routing accelerators in AWS Global Accelerator (p. 46) | See CreateCustomRoutingListener |
| Create an endpoint group for a custom routing accelerator | See Endpoint groups for custom routing accelerators in AWS Global Accelerator (p. 47) | See CreateCustomRoutingEndpointGroup |
| Update a custom routing accelerator | See Custom routing accelerators in AWS Global Accelerator (p. 44) | See UpdateCustomRoutingAccelerator |
| List your custom routing accelerators | See Viewing your custom routing accelerators (p. 45) | See ListCustomRoutingAccelerator |
| Get all information about a custom routing accelerator | See Viewing your custom routing accelerators (p. 45) | See DescribeCustomRoutingAccelerator |
| Delete a custom routing accelerator | See Creating or updating a custom routing accelerator (p. 44) | See DeleteCustomRoutingAccelerator |
| Get the static port mapping for a custom routing accelerator | N/A | See ListCustomRoutingPortMappings |
| Allow all destination traffic for a subnet in a custom routing accelerator | See Adding, editing, or removing a VPC subnet endpoint (p. 49) | See AllowCustomRoutingTraffic |
| Deny all destination traffic for a subnet in a custom routing accelerator | See Adding, editing, or removing a VPC subnet endpoint (p. 49) | See DenyCustomRoutingTraffic |
| Allow traffic to specific destinations in a custom routing accelerator | See Adding, editing, or removing a VPC subnet endpoint (p. 49) | See AllowCustomRoutingTraffic |
| Deny traffic to specific destinations in a custom routing accelerator | See Adding, editing, or removing a VPC subnet endpoint (p. 49) | See DenyCustomRoutingTraffic |


Work with standard accelerators in AWS Global Accelerator

This chapter includes procedures and recommendations for creating standard accelerators in AWS Global Accelerator. With a standard accelerator, Global Accelerator chooses the closest healthy endpoint for your traffic.

If instead you want to use custom application logic to direct one or more users to a specific endpoint among many endpoints, create a custom routing accelerator. For more information, see Work with custom routing accelerators in AWS Global Accelerator (p. 39).

To set up a standard accelerator, do the following:

1. Create an accelerator, and choose the standard accelerator option.

2. Add a listener with a specific set of ports or port range, and choose the protocol to accept: TCP, UDP, or both.

3. Add one or more endpoint groups, one for each AWS Region in which you have endpoint resources.

4. Add one or more endpoints to endpoint groups. This isn't required, but traffic won't be routed if you don't have any endpoints. Endpoints can be Network Load Balancers, Application Load Balancers, Amazon EC2 instances, or Elastic IP addresses.
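The four setup steps above, expressed as Global Accelerator API calls through boto3. This is an added example, not code from the guide or from AWS; the function name, its parameters, and the default of a single TCP port 443 are assumptions made for illustration.

```python
def provision_standard_accelerator(ga, name, region, endpoint_id,
                                   protocol="TCP", port=443, tags=None):
    """Run setup steps 1-4 through a boto3 "globalaccelerator" client `ga`.

    Returns the created ARNs and the static IP addresses clients connect to.
    """
    if protocol not in ("TCP", "UDP"):
        raise ValueError("Protocol must be TCP or UDP")

    # Step 1: CreateAccelerator creates a standard accelerator. Tagging at
    # creation lets tag-based IAM policies cover it from the first moment.
    create_args = {"Name": name, "IpAddressType": "IPV4", "Enabled": True}
    if tags:
        create_args["Tags"] = [{"Key": k, "Value": v} for k, v in sorted(tags.items())]
    accelerator = ga.create_accelerator(**create_args)["Accelerator"]

    # Step 2: one listener that accepts a single protocol on a single port.
    listener = ga.create_listener(
        AcceleratorArn=accelerator["AcceleratorArn"],
        Protocol=protocol,
        PortRanges=[{"FromPort": port, "ToPort": port}],
    )["Listener"]

    # Steps 3 and 4: an endpoint group for the Region with one endpoint in it
    # (load balancer ARN, EC2 instance ID, or Elastic IP allocation ID).
    group = ga.create_endpoint_group(
        ListenerArn=listener["ListenerArn"],
        EndpointGroupRegion=region,
        EndpointConfigurations=[{"EndpointId": endpoint_id}],
    )["EndpointGroup"]

    return {
        "accelerator_arn": accelerator["AcceleratorArn"],
        "listener_arn": listener["ListenerArn"],
        "endpoint_group_arn": group["EndpointGroupArn"],
        "static_ips": [ip for ip_set in accelerator.get("IpSets", [])
                       for ip in ip_set.get("IpAddresses", [])],
    }


# Usage with real credentials (the Global Accelerator API is called in us-west-2):
#   import boto3
#   ga = boto3.client("globalaccelerator", region_name="us-west-2")
#   provision_standard_accelerator(ga, "example", "us-east-1", "<endpoint ARN or ID>")
```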

The following sections step through working with standard accelerators, listeners, endpoint groups, and endpoints.

Topics

• Standard accelerators in AWS Global Accelerator (p. 22)

• Listeners for standard accelerators in AWS Global Accelerator (p. 26)

• Endpoint groups for standard accelerators in AWS Global Accelerator (p. 28)

• Endpoints for standard accelerators in AWS Global Accelerator (p. 32)

Standard accelerators in AWS Global Accelerator

A standard accelerator in AWS Global Accelerator directs traffic to optimal endpoints over the AWS global network to improve the availability and performance of your internet applications that have a global audience. Each accelerator includes one or more listeners. A listener processes inbound connections from clients to Global Accelerator, based on the protocol (or protocols) and port (or port range) that you configure.

When you create an accelerator, by default, Global Accelerator provides you with a set of two static IP addresses. If you bring your own IP address range to AWS (BYOIP), you can instead assign static IP addresses from your own pool to use with your accelerator. For more information, see Bring your own IP addresses (BYOIP) in AWS Global Accelerator (p. 53).

Important

The IP addresses are assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the Global Accelerator static IP addresses that are assigned to the accelerator, so you can no longer route traffic by using them. As a best practice, ensure that you have permissions in place to avoid inadvertently deleting accelerators. You can use IAM policies with Global Accelerator, for example, tag-based permissions, to limit the users who have permissions to delete an accelerator. For more information, see Tag-based policies (p. 90).
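One way to apply the tag-based delete restriction described in the note above, together with a check for accelerators that the restriction does not yet cover. This is an added example, not a policy from the guide or from AWS; the tag key and value `deletion-protection` / `enabled` and both function names are assumptions, and the policy assumes the `aws:ResourceTag` and `aws:TagKeys` condition keys apply to these Global Accelerator actions.

```python
import json

GUARD_KEY, GUARD_VALUE = "deletion-protection", "enabled"  # assumed tag, not an AWS default


def delete_guard_policy(key=GUARD_KEY, value=GUARD_VALUE):
    """IAM identity policy: tagged accelerators cannot be deleted or untagged."""
    return {
        "Version": "2012-10-17",
        "Statement": [
            {  # Deny deletion of any accelerator that carries the guard tag.
                "Sid": "DenyDeleteGuardedAccelerator",
                "Effect": "Deny",
                "Action": "globalaccelerator:DeleteAccelerator",
                "Resource": "*",
                "Condition": {"StringEquals": {f"aws:ResourceTag/{key}": value}},
            },
            {  # Deny stripping or overwriting the guard tag first.
                "Sid": "DenyGuardTagChanges",
                "Effect": "Deny",
                "Action": ["globalaccelerator:TagResource",
                           "globalaccelerator:UntagResource"],
                "Resource": "*",
                "Condition": {"ForAnyValue:StringEquals": {"aws:TagKeys": [key]}},
            },
        ],
    }


def unguarded_accelerators(accelerators, tags_by_arn, key=GUARD_KEY, value=GUARD_VALUE):
    """List accelerators without the guard tag, disabled ones first.

    Inputs are shaped like ListAccelerators and ListTagsForResource output.
    """
    findings = []
    for acc in accelerators:
        tags = {t["Key"]: t["Value"] for t in tags_by_arn.get(acc["AcceleratorArn"], [])}
        if tags.get(key) != value:
            findings.append({"arn": acc["AcceleratorArn"], "enabled": acc["Enabled"]})
    # Disabled comes first: an accelerator is disabled before it is deleted.
    return sorted(findings, key=lambda f: (f["enabled"], f["arn"]))


if __name__ == "__main__":
    print(json.dumps(delete_guard_policy(), indent=2))
```

Attach the policy to the users or roles that should not delete protected accelerators; an administrator outside its scope applies the guard tag.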

This section explains how to create, edit, or delete a standard accelerator on the Global Accelerator console. If you want to use API operations with Global Accelerator, see the AWS Global Accelerator API Reference.

Topics

• Creating or updating a standard accelerator (p. 23)

• Deleting an accelerator (p. 24)

• Viewing your accelerators (p. 24)

• Add an accelerator when you create a load balancer (p. 24)

• Using global static IP addresses instead of regional static IP addresses (p. 25)

Creating or updating a standard accelerator

This section explains how to create or update standard accelerators on the console. To work with Global Accelerator programmatically, see the AWS Global Accelerator API Reference.

To create a standard accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.

2. Choose Create accelerator.

3. Provide a name for your accelerator.

4. For Accelerator type, select Standard.

5. Optionally, if you brought your own IP address ranges to AWS (BYOIP), you can specify a static IP address for your accelerator, one from each address pool. Make this choice for each of the two static IP addresses for your accelerator.

• For each static IP address, choose the IP address pool to use.

Note

You must choose a different IP address pool for each static IP address. This restriction exists because Global Accelerator assigns each address range to a different network zone, for high availability.

• If you chose your own IP address pool, also choose a specific IP address from the pool. If you choose the default Amazon IP address pool, Global Accelerator assigns a specific IP address to your accelerator.

6. Optionally, add one or more tags to help you identify your accelerator resources.

7. Choose Next to add listeners, endpoint groups, and endpoints.

To edit a standard accelerator

1. Open the Global Accelerator console at https://console.aws.amazon.com/globalaccelerator/home.

2. In the list of accelerators, choose one, and then choose Edit.

3. On the Edit accelerator page, make any changes that you like. For example, you can disable the accelerator so that it no longer accepts or routes traffic, or so that you can delete it. Or, if the accelerator is disabled, you can enable it.
