Cloudfront

Cloudfront is AWS' CDN.

It caches content at 216 edge locations around the world.

The benefits are:

A list of the locations is here

Origins

These are the information sources that can be used with Cloudfront.

Using S3 as an example:

This is a common question. If Cloudfront manages global access, how do other AWS features that do similar things differ.

Cloudfront:

S3 Cross region replication:

Setup for each region
Does not cache, files updated in realtime
Read only
Good for dynamic content, often changing that needs to be available in a few regions. Not for content that needs to be globally available.

If Cloudfront does not have cached content in the edge location, it will reach out to the origin

Using VPC origins allow you to deliver content from apps hosted in private subnets.

Traffic can be delivered to private ALBs, NLBs and EC2 instances

You can choose what to expose through Cloudfront, which is highly secure

Can setup an allow list for a list of approved/banned countries.

IPs are mapped to Geolocations internally by AWS.

Cost per location varies. E.g Mexico and US are much cheaper than India (surprisingly).

You can reduce cost by reducing the number of edge locations:

If you change origin, Cloudfront won't update content until TTL expires.

You can force the change using Cloudfront invalidation, which will remove files from the cache.

To further reduce latency, global accelerator accelerates a user through the network. This prevents many hops:

It does this by utilising Anycast IP, which gives multiple servers the same IP, but routes the user to the nearest one:

Global accelerator uses the Anycast IP to achieve acceleration.

Benefits: