CloudFront

Question 1

What does CDN stand for??

Answer 1

Content Delivery Network
(Think CloudFront)

Question 2

• Content Delivery Network (CDN)
• Improves read performance, content is cached at the edge
• Improves users experience
• 216 Point of Presence globally (edge
  locations)
• DDoS protection (because worldwide), integration with Shield, AWS Web Application Firewall

Answer 2

Amazon CloudFront

Question 3

What are the 2 type of CloudFront Origins?

Answer 3

S3 Bucket
Custom Origin (HTTP)

Question 4

CloudFront – Origins -
* For distributing files and caching them at the edge
* Enhanced security with CloudFront Origin Access Control (OAC)
* OAC is replacing Origin Access Identity (OAI)
* CloudFront can be used as an ingress (to upload files to S3)

Answer 4

S3 bucket

Question 5

CloudFront – Origins -
* Application Load Balancer
* EC2 instance
* S3 website (must first enable the bucket as a static S3 website)
* Any HTTP backend you want

Answer 5

Custom Origin (HTTP)

Question 6

What is the difference between CloudFront vs S3 Cross Region Replication

Answer 6

CloudFront:
- Global Edge network
- Files are cached for a TTL (maybe a day)
- Great for static content that must be available everywhere

S3 Cross Region Replication
- Must be setup for each region you want replication to happen
- Files are updated in near real-time
- Read only
- Great for dynamic content that needs to be available at low-latency in few regions

Question 7

What are the different CloudFront – Price Classes

Answer 7

Price Class All
Price Class 200
Price Class 100

Question 8

CloudFront – Price Classes - all regions – best performance

Answer 8

Price Class All

Question 9

CloudFront – Price Classes - most regions, but excludes the most expensive regions

Answer 9

Price Class 200

Question 10

CloudFront – Price Classes - only the least expensive regions

Answer 10

Price Class 100

Question 11

In case you update the back-end origin, CloudFront doesn’t know about it and will only get the refreshed content after the TTL has expired

However, you can force an entire or partial cache refresh (thus bypassing the TTL) by performing a _____________________

Answer 11

CloudFront – Cache Invalidations

Question 12

You can force an ________ or ________ cache refresh (thus bypassing the TTL) by performing a CloudFront Invalidation

Answer 12

entire
partial

Question 13

CloudFront – Cache Invalidations You can invalidate ________ or a ________

Answer 13

all files ()
special path (/images/)

Question 14

• Leverage the AWS internal network to route to your application
• 2 Anycast IP are created for your application
• The Anycast IP send traffic directly to Edge Locations
• The Edge locations send the traffic to your application

Answer 14

AWS Global Accelerator

Question 15

What does AWS Global Accelerator work with??

Answer 15

Elastic IP
EC2 instances
ALB
NLB
public or private

Question 16

• Intelligent routing to lowest latency and fast regional failover
• No issue with client cache (because the IP doesn’t change)
• Internal AWS network

Answer 16

AWS Global Accelerator - Consistent Performance

Question 17

Does AWS Global Accelerator perform Health Checks?

Answer 17

YES

Question 18

• Global Accelerator performs a health check of your applications
• Helps make your application global (failover less than 1 minute for unhealthy)
• Great for disaster recovery (thanks to the health checks)

Answer 18

AWS Global Accelerator - Health Checks

Question 19

• only 2 external IP need to be whitelisted
• DDoS protection thanks to AWS Shield

Answer 19

AWS Global Accelerator - Security