Good Morning! The third wave - Sunshine Beach (Excuse quality, iPhone 3Gs) #photography #landscape #seascape #SunshineBeach #surf #CloudFront #gift #EastCoastKin

【100円でできる！】NFCカード+S3+CloudFrontで始めるデジタル名刺生活
https://qiita.com/ryu-ki/items/965d35a5b9abe86d0054?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #S3 #NFC #初心者 #CloudFront

AWS CloudFront キャッシュポリシーのチューニングベストプラクティス【パフォーマンス＆コスト最適化】
https://qiita.com/keitah/items/a7a9e398d24c05833203?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #SRE #CloudFront

【小ネタ/ハンズオン】CloudFront＋ALB＋Cognitoを使って簡単Web認証基盤を作ってみよう！！
https://qiita.com/mob_engineer/items/ab046524707f835b5107?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #CloudFront #初心者向け #ハンズオン #ALB

【小ネタ】AWS Cognito + CloudFrontで最低限の認証機能付きWebブラウザを実装しよう
https://qiita.com/mob_engineer/items/8719e0b85fa340352771?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #小ネタ #CloudFront #cognito

Blog of the day : Hosting your Frontend on AWS with the CloudFront Hosting Toolkit

https://awsfundamentals.com/blog/cloudfront-hosting-toolki

#AWS #CloudFront #React #Vite

AWSで作成したリソースをサイトから確認したい
https://qiita.com/yu_720/items/ae5961dd0486ececb059?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #S3 #CloudFront #lambda #EventBridge

【実践記】プログラミングを始めて1年目　Vite＋Go＋AWSでブログ制作してみた。
https://qiita.com/run4learning/items/6e80e875ca2e01030884?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #Go #AWS #EC2 #CloudFront #React

The PHP community's resident API curmudgeon, @Philsturgeon, has a new post on setting up HTTP caching with Laravel Vapor.

"It's worth the work, because it cuts down on costs, and even helps reduce the carbon impact of your software, so it's basically rude not to turn it on."

https://apisyouwonthate.com/blog/http-caching-for-laravel-vapor/

#PHP #Laravel #LaravelVapor #AWS #CloudFront

【AWS】Lambda-lithで作るWebアプリ【備忘録】
https://qiita.com/gapao__rice/items/04f58e50d2d53064f5e7?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

#qiita #AWS #CloudFront #lambda #サーバーレス #lambda_lith

Weil über die Neobank #N26 viel positives zu lesen ist, wollte ich sie mir mal näher angucken. Als ich die lückenhafte Webseite sah, ahnte ich bereits schimmes. Der Blick in die unterbundenen Verbindungen bestätigte es dann.

Wer Daten beim amerikanischen Dienst eines Mörders auslagert, ist für mich indiskutabel. #cloudfront = #aws = #amazon

Ich halte es für verantwortungslos, dass derartige Details in Tests nicht nur keine Rolle spielen, sondern überhaupt nicht berücksichtigt werden. #StiftungWarentest #Test

🎉🥳 Microsoft's 50th anniversary: where we learn that even reminiscing about the glory days gets a 403 #error. 🤷‍♂️🔒 Apparently, #nostalgia is too high-volume for #CloudFront. 🖥️🚫
https://www.seattletimes.com/business/microsoft/microsoft-turns-50-4-employees-recall-their-early-years/ #Microsoft50th #TechHumor #AnniversaryCelebration #HackerNews #ngated

Bringing down the curtain Cloudfront over Mooloolah Valley Please click in to this one, it's dark... #photography #landscape #ominous #treescape #silhouette #contrast #filigree #cloudfront #monochrome #EastCoastKin #PhotographersUnited

🔐 CloudFront & SSL

TIL that AWS CloudFront does not support self-signed certificates—only ACM or trusted CA certs work.

Details here: 👉 https://til.sanyamkhurana.com/#/topics/aws/no-self-signed-certificates-in-cloudfronts-ssl-connection

#AWS #CloudFront #SSL #TIL

@grutzifix Die auf dem Bild als Quelle angegebene Website bindet den Google-Tracker ein. Schon von daher scheinen die ziemlich plemplem zu sein. Der Inhalt der Seite wird über Server von #Cloudfront (Amazon) ausgeliefert, die sich in den USA befinden.

Aber auch wenn es diese technischen – ähm – Auffälligkeiten nicht gäbe, finde ich es nicht gut, zum Boykott gegen ein ganzes Land aufzurufen. Das ist nationalistisch und trifft auch die Menschen dort, die nicht Trump gewählt haben.

For the new project, I wanted to use the #gofundme service. Because their website wouldn't load properly, it turned out that the data collectors #cloudfront and #cloudflare were integrated there. That put an end to my request.

#Liberapay is probably the only solution left. Or do you have any recommendable experiences?

Für das neue Projekt wollte ich auf den Dienst #gofundme setzen. Weil deren Webseite nicht richtig laden wollte, offenbarte sich, dass dort die Datensammler #cloudfront und #cloudflare eingebunden sind. Damit hatte sich mein Ansinnen prompt erledigt.

Bleibt wohl nur #Liberapay als Lösung übrig. Oder gibt es empfehlenswerte Erfahrungen?

Вже вдруге за тиждень стикаюсь з невідомою проблемою з #s3, коли не вдається доступ іншим сервісам до нього отримати. З початку це був #CloudFront, потім #Flowlogs. Перевірили усе, починаючи з ролей #IAM, закінчуючи політиками на самих бакетах. Й знов винним виявився #KMS. То якщо у вас усе працює під вашого акаунту, а з під сервісного - ні, у першу чергу перевіряйте, чи є у сервіса до ключів шифрування
#AWS #Amazon #troubleshooting

The punchline on my #DNS reconfiguration is that nothing went wrong because I didn’t actually make any changes that took effect. I do a weird config to have reliable DNS:
I have a hidden master that uses dnsmadeeasy as the public servers. They answer authoritatively but they’re getting records from my #powerdns server.

Well, one problem I have is using CDNs at the apex zone. I use #AWS #cloudfront as my #CDN. This is fine when you use #Route53 as your DNS. They can put alias records in at the apex. But it doesn’t work with dnsmadeeasy secondary zones. The way I run them.

Name dot com is my registrar. They can do alias records. So I think they also do DNS for free. I’m going to migrate my Route53 zones to the free DNS instead of paying $0.50 per zone per month. All this effort will save me about $6.50/month.
#homelab #selfhosting

Finally, it's possible to host EC2 instances without paying the public IPv4 price using CloudFront VPC origins.

This is a new feature announced on Nov 20 and got Terraform support mid-December.

In a nutshell, it allows CloudFront to reach into a private subnet and use the private IPv4 addresses there. This achieves two things:

* First, the instances in the subnet don't need to be public anymore. This is a huge improvement over the previous way as it makes CloudFront the only way to connect
* And second, there is no need for a public IPv4 address. Since mid-2023 AWS charges per address (the IPv4 tax) so not having one makes the solution cheaper

While it's clearly an improvement there are still some rough edges in practice. Without an IPv4 address the instance can't connect to the outside internet via IPv4. Of course, there are solutions for this, but they come with their downsides as well:

* Use IPv6. This is getting easier every day, but if a site you need don't support IPv6 then you can't connect to it. NPM supports. GitHub so-so. While adoption is increasing, it's still a hit or miss. Even AWS's own CLI defaults to IPv4 only and needs the `aws configure set default.s3.use_dualstack_endpoint true` to allow IPv6.
* Use a NAT gateway. Make sure you check the pricing page first
* You can deploy everything into the instance so that it does not need to connect to outside sites at all. For example, [this guide](https://jonascarpay.com/posts/2022-09-19-declarative-deployment.html) builds a full image with everything included, there is no need to run `npm ci` inside the container or fetch anything else

Overall I'm happy with this new addition to CloudFront as it makes the architecture of hosting EC2 instances easier and it brings the possibility to avoid having a public IPv4 address.

#aws #cloudfront #vpc

Originally published [on my blog](https://advancedweb.hu/shorts/finally-its-possible-to-host-ec2-instances-without-paying-the-public-ipv4-price-using-cloudfront-vpc-origins/)