BLOG

Connect and Secure Microservices Everywhere with F5 and Amazon VPC Lattice

Dave Morrissey サムネール
Dave Morrissey
Published December 04, 2023

The journey from monolithic apps to microservices has changed how apps are built. Today, different teams often have their own virtual private clouds (VPCs) where various services live. However, the boundaries formed by these VPCs may not align to application boundaries, requiring communication across multiple VPCs and compute services in your cloud environment.

Building a network to link all these distributed microservices could potentially be a huge headache, mired in IP address collisions and routing issues. Networking alone won’t provide successful app-to-app or service-to-service communication. You need to advertise and discover services on the network, load balance applications, and get visibility into service health to identify potential issues. Don’t forget securing all these services and connections against threats or unauthorized access, too!

Connecting Services in AWS

The AWS solution to this problem is Amazon VPC Lattice, a managed service that discovers and securely connects microservices across multiple VPCs and AWS accounts as well as compute types, such as Kubernetes or serverless. It provides visibility, security, and traffic management for thousands of connected services without having to build and maintain a convoluted network.

However, since 87% of organizations are using hybrid or multi-cloud environments,1 there’s a good chance you need to connect some of your services and apps on AWS with other servers or users outside of AWS, which are not served by VPC Lattice. If you need to connect apps and data across multiple clouds or compute services, F5 offers solutions to securely extend Amazon VPC Lattice.

Cross-Cloud App Communication with F5

F5® Distributed Cloud App Connect is a SaaS-based solution designed to securely connect distributed apps and services across public cloud, on-premises, and edge environments. When installed in an AWS instance, it can connect VPC Lattice services with apps or users on other clouds or on premises. In addition, if you need to connect services on AWS with your enterprise or data center, you can use another F5 Distributed Cloud SaaS service called F5® Distributed Cloud Customer Edge.

Just like Amazon VPC Lattice, Distributed Cloud App Connect offers service discovery, load balancing, visibility, and security. App segmentation lets you apply granular policies to control access and where services are advertised to protect both apps and the underlying network, while native TLS encryption between workloads secures data in transit.

More Than Just App-to-App Networking

As part of F5 Distributed Cloud Services, Distributed Cloud App Connect shares the same console as F5 SaaS-based security solutions that span bot defense, DDoS protection, API security, and a web application firewall. Any or all of these solutions can be used in conjunction with Distributed Cloud App Connect for a simpler way to protect your apps and networks against automated attacks or malicious users.

Distributed Cloud App Connect also provides observability into the health of your services with app-level dashboards and metrics to identify and resolve any app issues. Because of the shared F5® Distributed Cloud Console, you can view metrics with security and network context for faster troubleshooting and better decisions.

You can also automate app deployments with Distributed Cloud App Connect by using infrastructure as code to provision resources efficiently and ensure policies are consistent across sites. Support for AWS, Azure, Google Cloud, IBM Cloud, Red Hat OpenShift, and VMware means you can connect and deploy apps virtually anywhere with ease.

In addition, F5 BIG-IP and F5 NGINX can both also link Amazon VPC Lattice to other parts of your IT environment. These solutions can proxy requests from non-Lattice environments to your VPC Lattice, as well as integrate security via BIG-IP Advanced WAF, BIG-IP Access Policy Manager, BIG-IP Advanced Firewall Manager, or NGINX App Protect.

Seamlessly Bridging Microservices: Tools for Enhanced Digital Ecosystems

Navigating the terrain of distributed microservices has its complexities, but with tools like F5 and Amazon VPC Lattice, a seamless and secure connection of services across diverse environments is achievable. Explore the various functionalities offered, such as service discovery, load balancing, visibility, and security. Evaluating the specific needs of your organization and leveraging the flexibility and security these solutions offer will be instrumental in creating an efficient and resilient digital ecosystem.

To learn more about how you can simplify app-to-app connectivity with F5, visit https://www.f5.com/cloud/products/app-connect.


Additional Source:

1 2023 State of the Cloud Report, Flexera, April 2023