CDN - Content Delivery Flashcards
What is ACM
AWS Certificate Manager
- Can be used to manage certs for AWS managed services like CF and ALBs
- Cannot be used for self-managed resources like EC2
- With CF, the edge locations get the Certificate
- Origin certs must be CA signed, cannot be self-signed
What is OAI
Origin Access Identity
What is Lambsa@Edge
- You can run lightweight Lambda functions at Edge locations
- Adjust data between viewer and origin
- Currently only NodeJS and Python supported
- Lambda layers are not supported
- VPCs are not accessibe
Viewer Request -> Origin Request -> Origin Response -> Viewer Response: Lambda can run before/after each of these steps
What is Global Accelerator
Similar CF
Trick is to decide when to use CF and when to use GAX
Uses Anycast address (vs unicast address which IP address refer to - a single device)
Anycast IPs allow a single IP in multiple locations, routing moves traffic to closest location
When you setup GAX you are assigned multiple anycast addresses that your users can access. They are then connected to the closest AWS edge location that responds to that address. From there, their traffic hops onto AWS backbone and reaches your VPC quicker than the normal internet
It is very much like CF so it is ok to be confused!
GAX moves the actual network as close as possible to your customer while CF caches data close to your customer
Also GAX is a network product - can be used for TCP/UDP whereas CF works at the HTTP layer.
GAX does not cache anything. It does not understand HTTP/S.
What is CF
- CloudFront is AWS’ content delivery solution
- Optimizes user experience when accessing your content by caching data at edge locations
- Can be used to cache static AND dynamic content
- If ACM is used with CF then it has to be generated in us-east-1