Architecting on AWS 筆記:Edge Services

Edge Services

CloudFront vs Global Accelerator


Global Accelerator

CloudFront 與 Global Accelerator 比較表

功能 CloudFront Global Accelerator
目的 Layer 7 HTTP 或 HTTPS 的 CDN (1) Layer 4 TCP 或 UDP proxy; (2) Global traffic manager
Protocol support HTTP 或 HTTPS Any protocol running over TCP or UDP
Content cacheing
Routing DNS-based Anycast
IP addressing Dynamic IP address Two global static IP addresses, with ability to BYOIP address ranges
Failover (1) Native origin failover based on HTTP error code; (2) timeout; (3) Route 53 DNS Built-in origin failover in less then 30 seconds with no dependency on DNS TTLs
Application hosting S3 bucket, HTTP server, AWS Elemental MediaStore, or other services from CloudFront supports to get files ALB, NLB, EC2 instance, Elastic IPs

Shield Standard

在網路層中主要是擋第 3 層和第 4 層,例如:ELB 會 block 惡意打過來的 IP。


WAF 是 利用 Web ACL 實作,能阻擋 shield standard 不能擋的部份,意即第 3 層和第 4 層之外,都可以擋。


若希望 server 要在自己家的機房,就把 AWS Outposts 機器放在自己家的機房即可。

CloudFront Serverless AWS Architecting on AWS Amazon Web Services 讀書會 閱讀筆記 趨勢科技 Trend Micro