A lot of people are unaware that Amazon Web Services (AWS) has a CDN service called AWS CloudFront. It is one of the more popular AWS services, and it works by caching certain objects in edge locations near the end user to minimize network latency. It can be used for any static content, which can help speed up website load times, lower bandwidth costs, and improve reliability when other systems fail. Let’s discuss this in depth.
What is AWS CloudFront?
Amazon CloudFront is a web service that delivers content quickly and reliably to your viewers, whatever the device or network. CloudFront gives you all the benefits of a CDN delivered via the Internet with none of the hassles of hardware provisioning, storage management, uptime monitoring, bandwidth upgrades, or peering arrangements.
CloudFront provides secure endpoints for your web videos, mobile videos, and peer-to-peer (P2P) content. CloudFront can deliver your files to unprotected viewers using standard HTTP, streaming live video with HTTP adaptive bit rate (ABR), or Flash Media Server clients. For protected content such as Windows Media Player or QuickTime movies, the client must connect through a supported browser using HTTP public key-based authentication or Microsoft’s PlayReady DRM. CloudFront also supports secure distribution using the HTTPS protocol, providing digital rights management of audio and video content for Netflix on Demand or Vimeo streaming video.
Content delivery network (CDN)
The core of the CloudFront definition is the term Content Delivery Network (CDN). Let’s now understand what CDNs are.
If you have a website or an application, then you surely know the frustration of slow internet. You may think there must be some solution to this problem, but it is not clear what it is. There is one: a CDN. What does CDN stand for? It stands for content delivery network, which sounds complicated and technical, right? But we will simplify things in just 3 points:
1) A CDN consists of servers around the world
2) These servers cache data so your device can access them faster than if they were coming from overseas
3) Your customers get a quicker experience with less chance of delays because their request goes to the nearby server first rather than across continents.
Where does AWS CloudFront fit into the picture?
CloudFront can be used as a Distribution Network (or CDN) for static and dynamic content. It is completely owned by Amazon, so it’s fast, reliable, scalable, and free to use when you are using less than 10TB of data per month. The diagram below shows how CloudFront fits into the picture.
A typical scenario where AWS CloudFront is used will be as follows:
1. You have a website hosted on an EC2 instance or even an S3 bucket (blog, e-commerce store, etc.) with the origin server being the website’s web servers.
2. The content in your website gets updated frequently, and most of the time it does not require any changes at the origin server.
3. You want the content to be served as fast as possible from anywhere in the world, without compromising on quality of service (QoS) and reliability.
4. The origin server must sit tight 24/7, cache everything on it and must not have a single point of failure or maintenance window (this is the key factor for choosing CloudFront).
5. You do not like paying each month for bandwidth when you are using less than a certain amount of data (unlimited free tier from AWS is awesome!).
AWS CloudFront Pricing
With CloudFront CDN, it is easy to distribute your content all over the world. You can deliver it to places where you would not be able to do so quickly. But before we get into how you can save money with Amazon CloudFront and answer your question about reducing usage costs for CloudFront, you need to know how the pricing works.
AWS CloudFront pricing options:
- Free-tier: If you are not sure if CloudFront is for you, you can use it for free. You will get 50 GB of data transfer out and 2 million HTTP/HTTPS requests each month during the first year if you sign up with AWS.
- On-demand: You only pay for the services that you use. If you do not use any of them, then you don’t need to pay anything.
- AWS discounted pricing: If you reserve capacity for data that is more than 10 TB per month, then you can get discounts.
Let’s try this in a lab
In this lab:
- We will create an S3 bucket
- We will create CloudFront Distribution
- We will create an Origin Access Identity
- We will limit the S3 bucket to be accessed only using this identity
Let’s create a bucket!
- Go to the AWS Management Console and type “S3” in the search bar
- The S3 dashboard will appear, with options such as Create bucket
- Click on Create bucket
- Give it a name of your choice and select the region which is nearest to you
- If the bucket name already exists, append a number or letter to the name
- Scroll down and click on Create bucket
- Now we are going to upload a file to this bucket
- Open that bucket and click on Upload
- Click on Add files
- Select 2-3 image files from your system and click on Upload
Now we will go directly to CloudFront and see how it works
- In the search bar type “CloudFront” and click to open
- Click on Create CloudFront distribution
- In Origin domain name, select the bucket which you just created
- Leave the Origin path blank, as it is optional
- In S3 bucket access, click on Yes to restrict access to CloudFront
- In Origin access identity, we have an existing one so I will select that; if you don’t have one, click on Create new OAI
- In Bucket policy, click on Yes
- Scroll down and come to Default cache behavior
- In Viewer protocol policy, select Redirect HTTP to HTTPS
- In HTTP methods, allow only GET, HEAD
- Below you will see tons of parameters but, for now, we will just scroll down to the very bottom
- Click on Create distribution
- This distribution will take a lot of time to deploy
- The status will be seen as Enabled
- So, we have to wait for a few minutes to get it Deployed
- Now our distribution is in a deployed state
- On the left-hand side, if you click on Origin access identities, you will see that an identity has been created with an ID
- Now go to S3, open the bucket, and click on Permissions
- Scroll down and you will see that a policy has been created for our distribution, in which the origin access identity is allowed the GetObject action
- So, now our distribution is ready and we will try to access it publicly
- Copy the Domain name from your distribution
- Paste it into a new browser tab, add the name of any file you uploaded to the bucket, and press Enter
- You will be able to view the file
- You are able to view the file because the objects in the bucket are only allowed via CloudFront, as we have seen in the bucket policy
- So, my CloudFront URL takes me directly to that particular file without going to the S3 bucket, and all the objects in the bucket are private
Congratulations!! We used AWS CloudFront to cache this content at edge locations around the world, and set things up so that the S3 bucket can only be accessed through CloudFront.
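The bucket policy is what keeps the lab's objects private, so it is worth checking that it stays the way the console generated it. The following is an added example, not part of the original lab: a small Python audit that flags any Allow statement granting more than `s3:GetObject` on the bucket's objects to a CloudFront OAI. The bucket name, the OAI ID, and both sample policies are constructed placeholders, and the check assumes the OAI principal appears in its ARN form.

```python
OAI_PREFIX = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity "
BUCKET = "example-lab-bucket"  # constructed placeholder, not a real bucket

# Constructed sample: the shape of policy the lab's "Bucket policy: Yes" option creates.
LOCKED_DOWN = {"Version": "2008-10-17", "Statement": [{
    "Sid": "1", "Effect": "Allow",
    "Principal": {"AWS": OAI_PREFIX + "EXAMPLEOAIID"},  # placeholder OAI ID
    "Action": "s3:GetObject",
    "Resource": f"arn:aws:s3:::{BUCKET}/*"}]}

# Constructed sample: the same policy after someone added a public statement.
DRIFTED = {"Version": "2008-10-17", "Statement": LOCKED_DOWN["Statement"] + [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": ["s3:GetObject", "s3:ListBucket"],
    "Resource": f"arn:aws:s3:::{BUCKET}/*"}]}

def _as_list(value):
    """Policy elements may be a single string or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def _principals(stmt):
    """Flatten Principal ("*" or {"AWS": ...}) into a list of strings."""
    principal = stmt.get("Principal", {})
    if isinstance(principal, str):
        return [principal]
    return [p for value in principal.values() for p in _as_list(value)]

def audit_bucket_policy(policy, bucket):
    """Return findings for Allow statements that break the OAI-only setup."""
    findings = []
    object_arn = f"arn:aws:s3:::{bucket}/*"
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements cannot widen access
        sid = stmt.get("Sid", f"#{i}")
        for p in _principals(stmt):
            if not p.startswith(OAI_PREFIX):
                findings.append(f"{sid}: principal {p!r} is not a CloudFront OAI")
        actions = _as_list(stmt.get("Action", []))
        if actions != ["s3:GetObject"]:
            findings.append(f"{sid}: actions {actions} exceed s3:GetObject")
        resources = _as_list(stmt.get("Resource", []))
        if resources != [object_arn]:
            findings.append(f"{sid}: resources {resources} differ from {object_arn}")
    return findings

if __name__ == "__main__":
    for name, policy in (("locked down", LOCKED_DOWN), ("drifted", DRIFTED)):
        print(name, audit_bucket_policy(policy, BUCKET) or "OK")
```

To run it against a real bucket, parse the JSON string in the `Policy` field returned by `aws s3api get-bucket-policy` and pass the result to `audit_bucket_policy`.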
Amazon Web Services (AWS) is a popular cloud computing platform that provides many useful services. One of the more popular AWS services, and the one we’ve discussed in detail, is its CDN, which caches certain objects in edge locations near end users to help speed up website load times, lower bandwidth costs, and improve reliability when other systems fail. If you’re interested in learning more about this topic from an expert who’s been working with these networks for years, feel free to contact us!