Hacker News new | past | comments | ask | show | jobs | submit login

Sure, if you're a business that has to burn money on servers anyways, but a lot of people avoid AWS for side-projects and non-business applications because it can easily balloon to over $100/month with just a few services and moderate traffic.



Counter-point: it can also be extremely cheap.

I’m in a seemingly small subset of people that is very happy with AWS for side projects. Granted I’m not doing anything that requires many resources.


Also, CloudFront can't proxy bare EC2 servers, you have to shove them behind an ELB, which is additional cost.


Of course it can.


So, the CloudFront setup process only surfaces S3, ELBs, API Gateways, Mediastore, and Mediapackage domains as origin domains. I do notice that it will let me type in an arbitrary domain - is that how you're supposed to stick bare EC2 instances behind CloudFront? Just provide it something like realoriginserverplsdonthack.example.com and use some other method (e.g. VPC configuration) to prevent bypassing CloudFront?


Correct, you can put multiple instances (A records) there, if on route53 you can also use healthchecks, geo etc.

If you want to lock ec2 access to cloudfront only you can do it in SG with "managed prefix list for CloudFront".




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: