AWS Global Accelerator
Developer Guide

Getting Started with AWS Global Accelerator

This tutorial provides the steps for getting started with AWS Global Accelerator using the console. You can also use AWS Global Accelerator API operations to create and customize your accelerator. At each step in this tutorial, there's a link to the corresponding API operation for completing the task programmatically. For more information about working with AWS Global Accelerator API operations, see the AWS Global Accelerator API Reference.

Tasks

Before You Begin

Before you create an accelerator, create at least one resource that you can add as an endpoint to direct traffic to. For example, create one of the following:

When you create a resource to add to Global Accelerator, be aware of the following:

  • When you add an internal Application Load Balancer or an EC2 instance endpoint in Global Accelerator, you enable internet traffic to flow directly to and from the endpoint in Virtual Private Clouds (VPCs) by targeting it in a private subnet. The VPC that contains the load balancer or EC2 instance must have an internet gateway attached to it, to indicate that the VPC accepts internet traffic. For more information, see Secure VPC Connections in AWS Global Accelerator.

  • Global Accelerator requires your router and firewall rules to allow inbound traffic from the IP addresses associated with Route 53 health checkers to complete health checks for Application Load Balancer, EC2 instance, or Elastic IP address endpoints. You can find information about the IP address ranges associated with Amazon Route 53 health checkers in Health Checks for Your Target Groups in the Amazon Route 53 Developer Guide.

Step 1: Create an Accelerator

To create your accelerator, you enter a name.

Note

To complete this task by using an API operation instead of the console, see CreateAccelerator in the AWS Global Accelerator API Reference.

To create an accelerator

  1. Open the Global Accelerator console at https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Global Accelerator:.

  2. Choose Create accelerator.

  3. Provide a name for your accelerator.

  4. Choose Next.

Step 2: Add Listeners

Create a listener to process inbound connections from your users to Global Accelerator.

Note

To complete this task by using an API operation instead of the console, see CreateListener in the AWS Global Accelerator API Reference.

To create a listener

  1. On the Add listener page, enter the ports or port ranges that you want to associate with the listener. Listeners support ports 1-65535.

  2. Choose the protocol for the ports that you entered.

  3. Optionally, choose to enable client affinity. Client affinity for a listener means that Global Accelerator ensures that connections from a specific source (client) IP address are always routed to the same endpoint. To enable this behavior, in the dropdown list, choose Source IP.

    The default is None, which means that client affinity is not enabled and Global Accelerator distributes traffic equally between the endpoints in the endpoint groups for the listener.

    For more information, see Client Affinity.

  4. Optionally, choose Add listener to add an additional listener.

  5. When you're finished adding listeners, choose Next.

Step 3: Add Endpoint Groups

Add one or more endpoint groups, each of which is associated with a specific AWS Region.

Note

To complete this task by using an API operation instead of the console, see CreateEndpointGroup in the AWS Global Accelerator API Reference.

To add an endpoint group

  1. On the Add endpoint groups page, in the section for a listener, choose a Region from the dropdown list.

  2. Optionally, for Traffic dial, enter a number from 0 to 100 to set a percentage of traffic for this endpoint group. The percentage is applied only to the traffic already directed to this endpoint group, not all listener traffic. By default, the traffic dial for an endpoint group is set to 100 (that is, 100%).

  3. Optionally, for custom health check values, choose Configure health checks. When you configure health check settings, Global Accelerator uses the settings for health checks for EC2 instance and Elastic IP address endpoints. For Network Load Balancer and Application Load Balancer endpoints, Global Accelerator uses the health check settings that you've already configured for the load balancers themselves. For more information, see Health Check Options.

  4. Optionally, choose Add endpoint group to add additional endpoint groups for this listener or other listeners.

  5. Choose Next.

Step 4: Add Endpoints

Add one or more endpoints that are associated with specific endpoint groups. This step isn't required, but no traffic is directed to endpoints in a Region unless the endpoints are included in an endpoint group.

Note

If you're creating your accelerator programmatically, you add endpoints as part of adding endpoint groups. For more information, see CreateEndpointGroup in the AWS Global Accelerator API Reference.

To add endpoints

  1. On the Create endpoints page, in the section for an endpoint, choose an endpoint from the dropdown list.

  2. Optionally, for Weight, enter a number from 0 to 255 to set a weight for routing traffic to this endpoint. When you add weights to endpoints, you configure Global Accelerator to route traffic based on proportions that you specify. By default, all endpoints have a weight of 128. For more information, see Endpoint Weights.

  3. Optionally, for an Application Load Balancer endpoint, under Preserve client IP address, select Preserve address. For more information, see Preserve Client IP Addresses in AWS Global Accelerator.

  4. Optionally, choose Add endpoint to add more endpoints.

  5. Choose Next.

After you choose Next, on the Global Accelerator dashboard you'll see a message that your accelerator is in progress. When the process is finished, the accelerator status in the dashboard is Active.

Step 5: Test Your Accelerator

Take steps to test your accelerator to make sure that traffic is being directed to your endpoints. For example, run a curl command such as the following, substituting one of your accelerator's static IP addresses, to show the AWS Regions where requests are processed. This is especially helpful if you set different weights for endpoints or adjust the traffic dial on endpoint groups.

Run a curl command like the following, substituting one of your accelerator's static IP addresses, to call the IP address 100 times and then output a count of where each request was processed.

for ((i=0;i<100;i++)); do curl http://198.51.100.0/ >> output.txt; done; cat output.txt | sort | uniq -c ; rm output.txt;

If you've adjusted the traffic dial on any endpoint groups, this command can help you confirm that your accelerator is directing the correct percentages of traffic to different groups. For more information, see the detailed examples in the following blog post, Traffic management with AWS Global Accelerator.

Step 6: Delete Your Accelerator

If you created an accelerator as a test or if you're no longer using an accelerator, you can delete it. On the console, disable the accelerator, and then you can delete it. You don't have to remove listeners and endpoint groups from the accelerator.

To delete an accelerator by using an API operation instead of the console, you must first remove all listeners and endpoint groups that are associated with the accelerator as well as disable it. For more information, see the DeleteAccelerator operation in the AWS Global Accelerator API Reference.

Be aware of the following when you remove endpoints or endpoint groups, or delete an accelerator:

  • When you create an accelerator, Global Accelerator provides you with a set of two static IP addresses. The IP addresses are assigned to your accelerator for as long as it exists, even if you disable the accelerator and it no longer accepts or routes traffic. However, when you delete an accelerator, you lose the static IP addresses that are assigned to the accelerator, so you can no longer route traffic by using them. As a best practice, ensure that you have permissions in place to avoid inadvertently deleting accelerators. You can use IAM policies with Global Accelerator to limit the users who have permissions to delete an accelerator. For more information, see Authentication and Access Control for AWS Global Accelerator.

  • If you terminate an EC2 instance before you remove it from an endpoint group in Global Accelerator, and then you create another instance with the same private IP address, and health checks pass, Global Accelerator will route traffic to the new endpoint. If you don't want this to happen, remove the EC2 instance from the endpoint group before you terminate the instance.

To delete an accelerator

  1. Open the Global Accelerator console at https://us-west-2.console.aws.amazon.com/ec2/v2/home?region=us-west-2#Global Accelerator:.

  2. Choose the accelerator that you want to delete.

  3. Choose Edit.

  4. Choose Disable accelerator, and then choose Save.

  5. Choose the accelerator that you want to delete.

  6. Choose Delete accelerator.

  7. In the confirmation dialog box, choose Delete.