CDN and Amazon CloudFront

Content Delivery Network (CDN)

A Content Delivery Network (CDN) is a distributed network of servers strategically located across various geographic regions, designed to deliver web content to users as quickly, reliably, and securely as possible. Its primary goal is to reduce the latency and improve the user experience by caching and delivering the content from servers that are physically closer to the user.

Use cases

Global Website

Websites or applications with users distributed across regions can benefit from CDNs for better performance and user experience.

Static Content Delivery

Static content like images, videos, HTML pages, CSS files, JavaScript, and other assets can be cached on the CDN edge servers to reduce the latency load times for users.

Video Streaming

CDNs reduce buffering and latency, ensuring a smooth streaming experience, especially for live and on-demand video streaming.

Security

Offer DDoS protection to the applications, secure content delivery (SSL/TTL) or geo-restriction.

Amazon CloudFront

CloudFront is AWS's Content Delivery Network (CDN). It enhances read performance by caching the content of the website at many edge locations around the world. Users experience lower latency, since content is delivered from a location geographically closer to them.

CloudFront has 216 points of presence (PoPs) globally, which are AWS's edge locations. AWS continuously adds new edge locations to further enhance user experience across different regions.

Benefits

Improved Latency

Content is cached worldwide, users can access it with minimal delay. This is especially important for global websites.

DDoS Protection

CloudFront offers DDoS protection. This protection is enhanced by AWS Shield and the Web Application Firewall (WAF).

CloudFront Origins

CloudFront supports several types of origins:

• S3 Bucket: It can distribute and cache files from our S3 bucket at edge locations. We can use?Origin Access Control (OAC) (the older solution is Origin Access Identity (OAI)) to restrict access to the S3 bucket only via CloudFront.
• Custom HTTP Backends: CloudFront can also work with custom origins like?Application Load Balancers,?EC2 instances, S3 static websites, or any HTTP backend.

How CloudFront Works

?

When a client makes an HTTP request to an edge location:

• If the cache is hit, CloudFront serves it directly.
• If it's not cached, CloudFront fetches the content from the origin and caches it locally. Subsequent requests for the same content from the same edge location will be served from the cache

A S3 bucket in a specific region can be the origin, and users can access the content from the nearest location. CloudFront uses a private connection between the edge location and the S3 bucket, secured by OAC and the appropriate S3 bucket policy.

CloudFront vs. S3 Cross-Region Replication

CloudFront

• Uses the?global edge network with over 216 points of presence.
• Caches files at each edge location for a set TTL.
• Ideal for?static content that needs to be available globally with low latency.

S3 Cross-Region Replication

• It must be configured for each region where replication is required.
• Updates files in near real-time, without caching.
• Primarily for?dynamic content that changes frequently and must be read across specific regions with low latency.