Amazon CloudFront!! How does it work?

What is CloudFront?

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds, all within a developer-friendly environment.

Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations.

When a user requests content that you’re serving with CloudFront, the request is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance.

  • If the content is already in the edge location with the lowest latency, CloudFront delivers it immediately.

  • If the content is not in that edge location, CloudFront retrieves it from an origin that you’ve defined — such as an Amazon S3 bucket, a MediaPackage channel, or an HTTP server (for example, a web server) that you have identified as the source for the definitive version of your content.

As an example, suppose that you’re serving an image from a traditional web server, not from CloudFront. For example, you might serve an image, sunsetphoto.png, using the URL http://example.com/sunsetphoto.png.

Your users can easily navigate to this URL and see the image. But they probably don’t know that their request is routed from one network to another — through the complex collection of interconnected networks that comprise the internet — until the image is found.

CloudFront speeds up the distribution of your content by routing each user request through the AWS backbone network to the edge location that can best serve your content. Typically, this is a CloudFront edge server that provides the fastest delivery to the viewer.

Using the AWS network dramatically reduces the number of networks that your users’ requests must pass through, which improves performance. Users get lower latency — the time it takes to load the first byte of the file — and higher data transfer rates.

You also get increased reliability and availability because copies of your files (also known as objects) are now held (or cached) in multiple edge locations around the world.
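The hit-or-miss decision described above is visible in CloudFront's standard logs through the `x-edge-result-type` column. The following is an added example, not code from AWS or the original page: it parses a constructed log sample (only a subset of the real columns, with made-up values) and reports how often the edge answered from cache versus fetching from the origin.

```javascript
// Constructed sample in CloudFront standard-log layout: a "#Fields" header
// names the columns, data lines are tab-separated. Values are illustrative.
var SAMPLE_LOG = [
  '#Version: 1.0',
  '#Fields: date time x-edge-location c-ip cs-method cs-uri-stem sc-status x-edge-result-type',
  ['2024-01-01', '10:00:00', 'FRA56-P1', '192.0.2.10', 'GET', '/sunsetphoto.png', '200', 'Miss'].join('\t'),
  ['2024-01-01', '10:00:02', 'FRA56-P1', '192.0.2.11', 'GET', '/sunsetphoto.png', '200', 'Hit'].join('\t'),
  ['2024-01-01', '10:00:05', 'FRA56-P1', '192.0.2.10', 'GET', '/sunsetphoto.png', '200', 'Hit'].join('\t'),
  ['2024-01-01', '10:00:09', 'FRA56-P1', '192.0.2.12', 'GET', '/index.html', '200', 'Miss'].join('\t'),
  'truncated\tline'
].join('\n');

// Map each data line onto the column names from the "#Fields" header, so the
// parser does not depend on fixed column positions.
function parseStandardLog(text) {
  var fields = [];
  var rows = [];
  text.split('\n').forEach(function (line) {
    if (line.indexOf('#Fields:') === 0) {
      fields = line.slice('#Fields:'.length).trim().split(/\s+/);
    } else if (line && line[0] !== '#') {
      var cols = line.split('\t');
      if (cols.length !== fields.length) return; // skip truncated or malformed lines
      var row = {};
      fields.forEach(function (name, i) { row[name] = cols[i]; });
      rows.push(row);
    }
  });
  return rows;
}

// Count result types and record which objects caused an origin fetch (Miss).
// RefreshHit means the edge had the object and revalidated it with the origin.
function cacheSummary(rows) {
  var byType = {};
  var originFetchesByUri = {};
  rows.forEach(function (r) {
    var type = r['x-edge-result-type'];
    var uri = r['cs-uri-stem'];
    byType[type] = (byType[type] || 0) + 1;
    if (type === 'Miss') originFetchesByUri[uri] = (originFetchesByUri[uri] || 0) + 1;
  });
  var hits = (byType.Hit || 0) + (byType.RefreshHit || 0);
  return {
    byType: byType,
    originFetchesByUri: originFetchesByUri,
    hitRatio: rows.length ? hits / rows.length : 0
  };
}
```

A sustained drop in `hitRatio`, or one URI dominating `originFetchesByUri`, means the origin is absorbing load that the edge would normally serve.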

How Does Amazon CloudFront Work?

CloudFront works seamlessly with any AWS origin, such as Amazon S3, Amazon EC2, Elastic Load Balancing, or with any custom HTTP origin. You can customize your content delivery through CloudFront using the secure and programmable edge computing features CloudFront Functions and AWS Lambda@Edge.

Key Benefits of CloudFront

Global Scaled Network for Fast Content Delivery

Amazon CloudFront is massively scaled and globally distributed. The CloudFront network has 225+ points of presence (PoPs) that are interconnected via the AWS backbone, delivering ultra-low latency performance and high availability to your end users.

The AWS backbone is a private network built on a global, fully redundant, parallel 100 GbE metro fiber network linked via trans-oceanic cables across the Atlantic, Pacific, and Indian Oceans, as well as the Mediterranean, Red Sea, and South China Seas.

Amazon CloudFront automatically maps network conditions and intelligently routes your user’s traffic to the most performant AWS edge location to serve up cached or dynamic content. CloudFront comes by default with a multi-tiered caching architecture that offers you improved cache width and origin protection.

Deep Integration with AWS

Amazon CloudFront is integrated with AWS services such as Amazon S3, Amazon EC2, Elastic Load Balancing, Amazon Route 53, and AWS Elemental Media Services for easy set-up.

As a developer, you can use the AWS Management Console or familiar developer tools such as CloudFormation templates, the AWS Cloud Development Kit, and APIs. CloudFront’s integration with Amazon CloudWatch and Kinesis offers real-time observability through metrics and logs.

Security at the Edge

Amazon CloudFront is a highly secure CDN that provides both network and application level protection. With AWS Shield Standard, all your CloudFront distributions are defended by default against the most frequently occurring network and transport layer DDoS attacks that target your websites or applications.

To defend against more complex attacks, you can add a flexible, layered security perimeter by integrating CloudFront with AWS Shield Advanced and AWS Web Application Firewall (WAF). AWS Managed Rules for AWS WAF provide firewall rules, curated and managed by Amazon security experts, that protect against common CVEs and OWASP Top 10 security risks.

Highly Programmable and Secure Edge Computing

With the edge compute features CloudFront Functions and Lambda@Edge, you can easily run code across AWS locations globally, allowing you to personalize content and respond to your end users with improved latency.

For example, you can use CloudFront Functions to deliver unique content based on visitor attributes, generate custom responses, or conduct A/B testing, running your own custom code on AWS infrastructure. With Lambda@Edge, you can complement or entirely replace your origin servers. Lambda@Edge can be used for server-side rendering of web pages, manipulating streaming manifest files on-the-fly for ad insertion, or adding security tokens. Both CloudFront Functions and Lambda@Edge protect your data from attack with built-in security isolation.
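As an added illustration (not AWS's code and not from the original page), here is a viewer-request handler in the CloudFront Functions event format that generates a custom response at the edge and performs A/B assignment. The cookie name `ab-bucket`, the `/b` path prefix and the allowed-method list are assumptions made for this example.

```javascript
// Assumed names for this example: cookie "ab-bucket", variant B under "/b".
var ALLOWED_METHODS = ['GET', 'HEAD'];
var BUCKET_COOKIE = 'ab-bucket';

// Deterministic bucket from the viewer IP, so a visitor without the cookie
// keeps receiving the same variant.
function bucketFor(ip) {
    var parity = 0;
    for (var i = 0; i < ip.length; i++) {
        parity = (parity + ip.charCodeAt(i)) % 2;
    }
    return parity === 0 ? 'a' : 'b';
}

function handler(event) {
    var request = event.request;

    // Custom response generated at the edge: the origin is never contacted
    // for methods this (assumed static) site does not use.
    if (ALLOWED_METHODS.indexOf(request.method) === -1) {
        return {
            statusCode: 405,
            statusDescription: 'Method Not Allowed',
            headers: { allow: { value: ALLOWED_METHODS.join(', ') } }
        };
    }

    // The cookie is viewer-controlled input: accept only the two known
    // values and never copy its content into the URI.
    var cookies = request.cookies || {};
    var cookie = cookies[BUCKET_COOKIE];
    var bucket = cookie && (cookie.value === 'a' || cookie.value === 'b')
        ? cookie.value
        : bucketFor(event.viewer.ip);

    // Rewriting the URI before the cache lookup puts the variant into the
    // cache key, so a cached variant A object is not served to bucket B.
    if (bucket === 'b' && request.uri.indexOf('/b/') !== 0) {
        request.uri = '/b' + request.uri;
    }
    return request;
}
```

The code sticks to ES5 syntax so it does not depend on newer runtime features.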

Cost-Effective

Amazon CloudFront offers cost-effective content delivery globally. Integrated with AWS, there are no transfer fees for origin fetches from any AWS origin, and AWS Certificate Manager (ACM) offers custom TLS certificates at no charge.

CloudFront offers customizable pricing options including simple pay-as-you-go pricing with no upfront fees and the CloudFront Security Savings Bundle that helps save up to an additional 30%. For steeper discounts, custom pricing is available for minimum traffic commitments (typically 10 TB/month or higher). Support for the CDN is included in your existing AWS Support subscription.

AWS Free Usage Tier

As part of the AWS Free Usage Tier, you can get started with Amazon CloudFront for free. Upon sign-up, new AWS customers receive 50 GB of Data Transfer Out, 2,000,000 HTTP and HTTPS requests, and 2,000,000 CloudFront Function invocations each month for one year.