top | item 45983494

(no title)

ipsento606 | 3 months ago

https://aws.amazon.com/cloudfront/pricing/ says that the $15-per-month plan comes with 50TB of "data transfer"

Does "data transfer" not mean CDN bandwidth here? Otherwise, that price seems two orders of magnitude less than I would expect

discuss

throwaway-aws9|3 months ago

With AWS, there's always a catch. In this case, it's for 10M requests. In other words, you pay $15 for 10M requests of up to 5MB each.

[edit: looks like there's no overages but they may force you to flip to the next tier and seems like they will throttle you https://docs.aws.amazon.com/AmazonCloudFront/latest/Develope....]

yellow_cobra|3 months ago

You get visibility into your usage, and you're seeing if you're exceeding the usage. They recommend to use plans if your typical traffic is 'only' up to 50TB per month. Occasional spikes are fine from what I understand.

weberer|3 months ago

The $15 plan notably does not come with DDoS protection though.

yellow_cobra|3 months ago

This is not true. Even the Free plan has DDoS protection. L3/L4 (TCP SYN floods, UDP reflection attacks and similar) filtering is built-in and always-on, by default. CloudFront terminates TLS, and only forwards valid HTTP(S) requests to cache / origin.

The "Always-on DDoS Protection" on L7 is protection against massive requests spikes, built natively into CloudFront. Detection and mitigation of these attacks happens inline.

The "Advanced DDoS Protection" on L7 is adjustable, score-based DDoS protection configurable on AWS WAF (https://aws.amazon.com/blogs/networking-and-content-delivery...). Detection and mitigation of these attacks happens within seconds.

ipsento606|3 months ago

the pricing page says it comes with "Always-on DDoS Protection" but not "Advanced DDoS Protection"

I have no idea what these terms mean in practice