We use machine learning technology to do auto-translation. Click "English" on top navigation bar to check Chinese version.
Cost-Optimizing your Amazon Web Services architectures by utilizing Amazon CloudFront features
Use CloudFront for everything – including dynamic content
Suppose you serve dynamic content via web applications or APIs hosted directly from an
If you are using a third-party CDN while hosting your applications on Amazon Web Services, you should be aware that this can be an anti-pattern from a cost perspective of data transfer. Let’s understand why – assume that you’re running a commonly-deployed web application behind
Figure 1: Data flow architecture for content delivery network
Restrict serving content to unwanted regions using CloudFront geographic restriction
Unwanted and malicious traffic can result in additional load on your resources, consume bandwidth, and increase your Amazon Web Services costs. Restricting unwanted traffic at the edge before it hits your other resources can help you save on costs. For example, suppose you don’t want traffic from specific countries to hit your applications. In that case, you can use the
Use CloudFront price classes as a metric for edge location strategy
CloudFront has
Figure 2: CloudFront price class options
Implement controls to reduce the cost of CloudFront logging
You may want to monitor your content distribution metrics, which you can get using CloudFront logs. However, note that real-time logs are charged based on the number of generated log lines, which in turn is based on the number of HTTP requests served by your CloudFront distribution. Therefore, as a best practice, we recommend putting some preventive controls in place to limit the amount of traffic served by your CloudFront distribution using security services such as
- Specify what percentage of requests you want to log
- Choose to log only specific log fields
- Enable real-time logs only for specific CloudFront caching behaviors
You can configure all of this on the CloudFront logs settings as shown in the following image.
Figure 3: CloudFront logging
Optimize cache hit ratio for non-Amazon Web Services Origins
CloudFront is often used as a content distribution layer for applications hosted outside of Amazon Web Services. In these cases, optimizing the cache hit ratio can help save origin request submission costs. Cache hit ratio is the percentage of total requests that are served from the content cached at the edge locations. Take advantage of CloudFront’s customizable cache policies to improve the cache hit ratio by controlling the cache key. The cache key is the unique identifier for every object in the cache, and it determines whether a viewer request results in a cache hit. A cache hit occurs when a viewer request generates the same cache key as a prior request, and the object for that cache key is in the edge location’s cache and valid. One way to improve your cache hit ratio is to include only the minimum necessary values in the cache key. Optimize your cache hit ratio by
Figure 4: CloudFront cache key settings
Effectively utilize CloudFront compressed data caching capabilities
CloudFront natively supports requesting and caching objects compressed in the GZIP or Brotli compression formats. CloudFront serves the compressed objects when the viewer’s web browsers or other clients support them and indicate their support for compressed objects with the Accept-Encoding HTTP header. Object compression helps reduce your costs because you’re transferring less data out from your origin servers to the internet. If certain file types aren’t
Figure 5: CloudFront compressed data cache
Optimize CloudFront caching strategy to reduce cache invalidations
If you must remove a file from CloudFront edge caches before it expires, then you can invalidate the file from edge caches. You’re charged for invalidation requests beyond the first 1,000 paths requested for invalidation each month. Therefore, it’s important to know some general best practices to save costs on invalidation.
We recommend that you
Figure 6: CloudFront TTL options
If you must remove a file from CloudFront edge caches before it expires, then you can consider using file versioning to serve a different version of the file that has a different name. Versioning enables you to control which file a request returns even when the user has a version cached either locally or behind a corporate caching proxy. If you invalidate the file, then the user might continue to see the old version until it expires from those caches. Versioning is less expensive. You still have to pay for CloudFront to transfer new versions of your files to edge locations in the case of non-Amazon Web Services origins, but you don’t have to pay for invalidating files. For more information, see
Consider using wildcard (*) path invalidations instead of individual file invalidations. You pay for each invalidation path, however an invalidation path can be for a single file, such as (/images/logo.jpg) or multiple files (such as /images/*). A path that includes the * wildcard counts as one path even if it causes CloudFront to invalidate thousands of files.
Optimize Lambda@Edge execution costs by rightsizing Amazon Web Services Lambda runtime
The cost of running Lambda@Edge for your workload is determined by three factors: the number of executions, the duration of execution of the
Conclusion
This post explains some best practices that can help you optimize your costs for some commonly deployed architectures on Amazon Web Services by leveraging
The mentioned AWS GenAI Services service names relating to generative AI are only available or previewed in the Global Regions. Amazon Web Services China promotes AWS GenAI Services relating to generative AI solely for China-to-global business purposes and/or advanced technology introduction.