At Kong, we're always looking to expand the experience of running our products in the AWS cloud. As we steadily move into 2023, we want to continue this streak because we see firsthand the tremendous growth and success it provides our customers.
Today, we're excited to announce that the Kong API management platforms, Kong Enterprise and Kong Konnect, are validated integrations with [Amazon VPC Lattice](https://aws.amazon.com/vpc/lattice/)Amazon VPC Lattice.
When designing your AWS environments, the best practice is to build a multi-account multi-VPC strategy to organize the AWS environments (See: [Organizing Your AWS Environment Using Multiple Accounts Whitepaper](https://docs.aws.amazon.com/whitepapers/latest/organizing-your-aws-environment/organizing-your-aws-environment.html)Organizing Your AWS Environment Using Multiple Accounts Whitepaper). Example use cases of this are different lines of business or application lifecycle management distributed across accounts and VPCs. This type of isolation is imperative because it narrows the scope of impact and overall provides better security and reliability and enables cost optimization.
But as organizations drive more workloads to AWS, with the multi-account multi-VPC strategy two new issues unfold. It's very common that multiple lines of business need to cross-communicate in order to provide a more holistic experience.
First, how do you best manage service-to-service communication across account and VPC boundaries without taking unnecessary risks?
Second, how do you provide a simple and centralized API management strategy into (ingress) and out of (egress) the multi-account AWS ecosystem while again minimizing risks?
This is where a Kong API management and AWS VPC Lattice integration can be a game changer.
The mission statement of VPC Lattice is to "simplify service-to-service connectivity, security, and monitoring" in the AWS cloud.
With VPC Lattice, customers can solve complex use cases such as multi-VPC Kubernetes integrations, or multi-account Lambda and EKS integrations.
There are a couple of interesting use cases of how to handle the ingress and egress of services in a VPC Lattice network.
To this effect, Kong collaborated with AWS to validate the integration of the Kong Gateway with VPC Lattice.
Let's dive into a sample reference architecture to discuss this further.
The architecture below will focus on one possible variation of Kong Gateway as ingress into a VPC Lattice network.
The overall benefit of this reference architecture is using VPC Lattice non-intrusively to expose backend microservices to the gateway. The gateway can reside within its own AWS environment and simply call out to microservices available on the VPC Lattice irrespective of where those services are running (another account, another VPC) or what type of AWS platform (EKS, ECS, Lambda). Because VPC Lattice also abstracts the AWS runtime away as just a DNS entry, from the perspective of the gateway it's simply calling another upstream service.
Let's visualize this with the diagram below.
**Single Entry Point:** The Kong Gateway, either self-managed with Kong Enterprise or as a SaaS offering with Kong Konnect data plane, can run in separate AWS infrastructure dedicated to the gateway as the only component accessible to your API consumers.
**Abstract Isolated Environments:** VPC Lattice has the concept of a Service Network and Services. These abstract away any AWS environment design from the gateway so that the backend microservices can run in extremely isolated environments (multi-account or multi-VPC design). Development teams define what services should be accessible to the gateway in a simplified way.
**Leverage any Runtime:** We have three different AWS runtimes (EKS, ECS, and Lambda) that the gateway is reaching out to without additional networking concerns. VPC Lattice takes care of exposing EKS services to the Lattice network, as well as the other AWS runtimes.
Kong Enterprise and Kong Konnect are best-in-class API management platforms that are designed for the cloud native era.
Today, Kong supports running on numerous AWS platforms including EC2, ECS, Lambda, EKS, and even EKS Anywhere. And the list of support continues to expand year over year. (See: [Supercharge API Management on AWS](https://konghq.com/campaign/aws-better-together)Supercharge API Management on AWS.)
Kong Enterprise and Kong Konnect products are a great fit to enhance and extend a VPC Lattice architecture. Kong provides a powerful, cloud native gateway to serve as the entrypoint to VPC Lattice, the smallest attack surface to AWS services, thereby providing a secure entry point into the AWS services. Kong employs a modern plugin architecture for solutions such as OIDC integration and rate-limiting, which give fine-grained control to services ensuring compliance while maintaining performance. With built-in tools, such as DecK to support API lifecycle management, exposing VPC Lattice services gains a high level of automation and reliability.
Moreover, it's easy to get started with [Kong Konnect on AWS](https://konghq.com/blog/kong-expands-aws-offerings)Kong Konnect on AWS.
Kong Konnect is our SaaS API management platform, where the control plane is hosted in the cloud by Kong, while the runtimes, Kong Gateway, run in your environment.
By having Kong Konnect available in the [AWS Marketplace](https://aws.amazon.com/marketplace/pp/prodview-7zds3oxx3ntjy?sr=0-4&ref_=beagle&applicationId=AWSMPContessa)AWS Marketplace, it shortens the procurement process to just a few clicks. This may seem small in stature but has been shown to have a tremendous impact on time to market, and cost savings.
We're so excited to be a part of the VPC Lattice Partner Launch. In this post, we reviewed one of many possible interesting reference architectures of Kong API Management Platform with VPC Lattice and how quickly you can get started with Kong Konnect in the AWS Marketplace.
Managed Redis cache is a turnkey "Shared State" add-on for Kong Dedicated Cloud Gateways. It is designed to combine the performance of an in-memory data store with the simplicity of a SaaS product. When you spin up a Dedicated Cloud Gateway in Kong
[](https://konghq.com/blog/product-releases/multicloud-cloud-gateways-managed-redis-cache)A quick refresher: Kong Cloud Gateways Kong Cloud Gateways are fully managed, high-performance data planes running on customer-dedicated infrastructure, orchestrated and operated by Kong through Kong Konnect . Customers can choose between: Serverle
[](https://konghq.com/blog/product-releases/kong-cloud-gateways-2025-news-recap)
Feed Agents (and humans, too) with *all* of your APIs While multi-gateway vendor deployments have been found to be lacking as a long-term strategy, the reality is that every large organization is — at some point — going to struggle with trying to wr
[](https://konghq.com/blog/enterprise/enable-enterprise-wide-agentic-access-to-apis)
We're continuing our efforts to make Kong Gateway Operator (KGO) the preferred way to install, upgrade, scale, and manage a Kong Gateway or Kubernetes Ingress — whether you’re managing from Kong Konnect or Kubernetes. With this latest release, we're
[](https://konghq.com/blog/product-releases/kong-gateway-operator-1-6)
I'm commonly asked by customers for advice on how they can build a good platform cross-charging model for their organization. And my gut reaction is nearly always "don't." We'll come back to why I think that later, but first let's look at what cross
[](https://konghq.com/blog/enterprise/platform-cross-charging-model)
Using Konnect Advanced Analytics for a faster real-time measurement of what your users are experiencing Earlier this year the Kong Konnect Analytics team was looking to leverage the stability and flexibility of our own Kong Gateway to handle the e
[](https://konghq.com/blog/engineering/konnect-advanced-analytics-faster-than-statsd)
Deploying Kong Mesh on ECS The focus of this blog is to provide step-by-step instructions for deploying and configuring Kong Mesh with Kong Konnect on an AWS ECS instance so that anyone will be able to get pre-production installation of Kong Mesh st
[](https://konghq.com/blog/engineering/kong-mesh-with-konnect-on-aws-ecs)