Pricing, since it's not explicitly mentioned in the blog post:
You pay $600 per month for each custom SSL certificate associated with one
or more CloudFront distributions. This monthly fee is pro-rated by the hour.
For example, if you had your custom SSL certificate associated with at least
one CloudFront distribution for just 24 hours (i.e. 1 day) in the month of June,
your total charge for using the custom SSL certificate feature in June will be
(1 day / 30 days) * $600 = $20.
CloudFlare ( https://www.cloudflare.com/ ) are going to be getting a lot of new customers very soon I suspect.
Not least because they intend to give SSL to everyone (even the free tier) very soon, and have acquired enough IPv4 addresses to make doing so possible. Additionally their price for custom SSL certificates is a fraction of the price of CloudFront.
It is strange, watching a company like Amazon make a pricing decision like this, knowing how it will then shift things.
In our startup ( http://microco.sm ), we are implementing S3 for storage, and then to use multiple reverse proxies that make our static files surface (with our sites) through CloudFlare. The best of both worlds.
Jesus. I served 5 TB of video on a site with Cloudfront last month and it was cheaper than that. I'll stick with my uglyrandomletters.cloudfront.net domain.
I presume it means that when I upload an SSL cert and associate it with one (or more) cloudfront distribution, that Amazon ends up dedicating at least one IP address at every edge location solely to my SSL cert?
I guess the scarcity of IP address space explains the steep pricing? They want you to consider other options before asking to reserve 40 dedicated IP addresses.
Unfortunately the documentation doesn't mention how it's implemented (at least I couldn't find anything), but considering the steep pricing, you're probably right with your assumption.
Hopefully they'll be able to switch to Server Name Indication (SNI) in the near future as that would save a lot of IP addresses (and, if that's their biggest cost factor, allow them to lower the price). I think Windows XP is the biggest obstacle w.r.t. SNI, but thankfully XP will be EOL'd soon(ish).
Both of these features look really useful; kudos to AWS for launching them. I've already moved my personal website's root domain directly to CloudFront. (I was previously hosting the root domain through S3 and the "www" through CloudFront, so it's nice to have them both set up the same way now.)
Awesome. I just started with cloudfront a few weeks ago and to my understanding the root domain thing has been asked about for years. I was kind of bummed that I had to start using www because I have a pretty short domain.
pfg|12 years ago
cperciva|12 years ago
This is... impressively expensive.
buro9|12 years ago
Not least because they intend to give SSL to everyone (even the free tier) very soon, and have acquired enough IPv4 addresses to make doing so possible. Additionally their price for custom SSL certificates is a fraction of the price of CloudFront.
It is strange, watching a company like Amazon make a pricing decision like this, knowing how it will then shift things.
In our startup ( http://microco.sm ), we are implementing S3 for storage, and then to use multiple reverse proxies that make our static files surface (with our sites) through CloudFlare. The best of both worlds.
psychometry|12 years ago
bdb|12 years ago
stellar678|12 years ago
I presume it means that when I upload an SSL cert and associate it with one (or more) cloudfront distribution, that Amazon ends up dedicating at least one IP address at every edge location solely to my SSL cert?
I guess the scarcity of IP address space explains the steep pricing? They want you to consider other options before asking to reserve 40 dedicated IP addresses.
pfg|12 years ago
Hopefully they'll be able to switch to Server Name Indication (SNI) in the near future as that would save a lot of IP addresses (and, if that's their biggest cost factor, allow them to lower the price). I think Windows XP is the biggest obstacle w.r.t. SNI, but thankfully XP will be EOL'd soon(ish).
adrr|12 years ago
RyanGWU82|12 years ago
cperciva|12 years ago
jere|12 years ago