author-image

Karen Kilroy

Amazon S3 + Amazon CloudFront

Making your static websites performant

If you have a website, the chances are that you are probably storing and delivering static content. In the pre-cloud era, you would store the content for your website on your own server. But, investing in and managing storage infrastructure can be a costly and wasteful solution as you do not benefit from the same economies of scale that large corporations do. Fast forward to today, cloud storage has radically changed how we store our data. Now, you do not have to carry the burden of infrastructure maintenance. You can outsource infrastructure and only pay for what you need… introducing Amazon's S3 service.

As one of AWS’s oldest services, Amazon’s object storage service (S3), has gained a lot of traction as a cheap, scalable and performant solution for hosting static websites. Today, we are going to focus on using S3 to serve web content.

S3

S3 Logo

The first step in delivering your data is to store it. Amazon Simple Storage Service (S3) is Amazon’s object storage service. S3 is used to store and retrieve an infinite volume of data from all around the world.

The service focuses on simplicity and robustness. It’s simple, effective design is one of the reasons we use S3 so frequently here at Fathom. Here are some of the key features and benefits of S3:

  1. Scalability: S3 scales on-demand, therefore, you do not have to provision large storage systems. You only pay for what you use.
  2. Backup and Archive: With S3 version control, users can prevent unintended overwriting or deletion of objects. Versioning can also be used to compare older versions of files.
  3. Disaster Recovery: Amazon uses three or more availability zones to ensure your data is durable and available. It also supports cross-region replication so, if you want to take matters into your own hands, you can easily copy data to a second location.
  4. Lifecycle Management: To suit specific customer needs, S3 provides a myriad of storage options from Standard S3 to Amazon Glacier (Figure 1). To ensure customers can utilise the most cost-effective solution, Amazon allows users to automatically transition data from one tier to another, depending on their needs. Users can also use this lifecycle management feature to expire objects (based on the retention period).
  5. Content Storage and Distribution: S3 can also be used as the basis for a Content Delivery Network.

S3 Tier Table

Figure 1 (Amazon Web Services, Inc., 2019)


Storing and serving your content through S3 has a lot of advantages, but there are limitations such as performance and https support:

  1. Static web content hosted in S3 alone does not support HTTPS (Best practises use HTTPS)
  2. S3 not designed for performance

Here at Fathom, we strive to design systems that serve web content safely, and as quickly as possible to all users in all locations. To further enhance the performance of your application and attain the most cost-effective solution, we recommend setting up CloudFront to serve content stored in S3. Amazon claims that if implemented correctly, delivering data through CloudFront can be more cost-effective than delivering it from S3 directly. Let’s take a look at Amazon’s CDN.

Improved performance and cost-efficiency

CloudFront has gained recognition as Amazon’s CDN service. CDN, which stands for content delivery network, is a very large distribution of servers that are located around the world, which work together to provide fast delivery of content. Working in tandem with S3, these services allow developers to store and deliver content with speed and scale, whilst, in many cases, also providing a more secure and cost-effective solution than serving content on S3 alone.

CloudFront is used to deliver static and dynamic content securely, at scale from a number of geographical locations through a network of servers called “Edge Locations”. These Edge Locations are scattered across the world to serve content to customers based on their physical location. This enables servers to cache and serve content closer to customers, reducing latency and improving performance. AWS Edge locations can be seen in (Figure 2).

S3 Tier Table

Figure 2 (Amazon Web Services, 2019)


Edge Locations Explained

To illustrate how Amazon’s Edge locations work, we will use an example. Meet Anne and Luke.

Character Table Edge Locations

Both Anna and Luke want to access the Fathom website. But the Fathom website is located in Amazon's region eu-west-1 (Europe - Ireland). If the website was hosted by S3 alone, Anna would access the content quicker, as she is physically closer to the server. But, Anna is in luck. Fathom use CloudFront. When Luke tries to retrieve content from Fathom’s server in Ireland, CloudFront will direct him to the “least latent” Edge Location (located somewhere in Australia). If the content is cached on the Australian server, Luke will retrieve the content from there. This will reduce the load on the S3 bucket and provide a faster response. If the content is not yet cached there, CloudFront will retrieve it from the origin (S3) and store it on the edge location for future use.

Character Table Edge Locations On Map



Security

Finally, as well as improving cost-efficiency and latency, CloudFront also helps to secure your content. CloudFront has multiple features that allow you to restrict access to the content you serve from S3. These include geo-restrictions, signed URLs, and signed cookies. CloudFront also allows you to use OAI, AWS WAF and AWS Shield to further secure your data.

  1. Origin Access Identity (OAI) is a special feature that is used to restrict access to an S3 bucket while allowing access through CloudFront.
  2. CloudFront integrated AWS WAF is AWS’s web application firewall. This firewall allows you to protect your applications from common web exploits such as SQL injections (Amazon Web Services, Inc., 2019). WAF lets you control access to your content based on conditions such as IP addresses and content requests.
  3. AWS Shield is a managed DDoS protection service.


Keep a lookout for part 2: How to set up your static web site with S3 and CloudFront

References

Amazon Web Services. (2019). Amazon S3 + Amazon CloudFront: A Match Made in the Cloud | Amazon Web Services. [online] Available at: https://aws.amazon.com/blogs/networking-and-content-delivery/amazon-s3-amazon-cloudfront-a-match-made-in-the-cloud/

Amazon Web Services, Inc. (2019). Object Storage Classes – Amazon S3. [online] Available at: https://aws.amazon.com/s3/storage-classes/

Amazon Web Services, Inc. (2019). AWS WAF - Web Application Firewall - Amazon Web Services (AWS). [online] Available at: https://aws.amazon.com/waf/

SO WHAT DO YOU THINK ?

We love to talk about ideas, innovation, technology and just about anything else. Really, we love to talk.

Contact fathom