I'm considering implementing CloudFront in front of my REST API Gateway since it now offers flat rate pricing that includes WAF (Web Application Firewall) and DDoS protection. From an infrastructure design perspective, does this approach make sense?
4 Answers
I highly recommend using a WAF for most companies since it adds an essential layer of defense against automated attacks. It's generally worth it unless you're in a really unique situation.
CloudFront not only adds WAF benefits, but it also enhances your API setup with features like distributed edge delivery and caching. Plus, you can use multiple origins, such as serving static content from S3, which is pretty cool.
If anyone's looking for more info, you can check out the [CloudFront docs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.html) and the [pricing sheet](https://aws.amazon.com/cloudfront/pricing/). There's even a free tier and a pro tier at $15/month that looks appealing!
Using CloudFront with your API Gateway definitely makes sense if you're looking for that extra layer of protection and if the pricing is suitable for your needs. Just be cautious—if you don't need those security features, it might be more than what you actually require.
Related Questions
How to Build a Custom GPT Journalist That Posts Directly to WordPress
Cloudflare Origin SSL Certificate Setup Guide
How To Effectively Monetize A Site With Ads