AWS global infrastructure expands every year, and as of today, it spans 99 Availability Zones within 31 geographic regions worldwide, with announced plans for 15 more Availability Zones and five more AWS Regions in Canada, Israel, Malaysia, New Zealand, and Thailand.
When working with AWS, you will encounter concepts such as regions, availability zones, and data centers. Another crucial component of this global infrastructure is the AWS Global Edge Network, which establishes dependable, low-latency, and high-throughput network connectivity worldwide, known as the "AWS Backbone Network."
This article delves into the concept of an AWS Edge location and its importance for your applications. We will discuss how they function, highlighting the distinctions between an AWS Edge location and an AWS region, as well as the advantages of utilizing them.
Understanding AWS Edge Locations
AWS offers an impressive list of networking and content delivery services. Using edge networking services ensures your user-facing data is transmitted securely and quickly worldwide. These services move your data away from the risks of the internet and place it within the protective walls of the AWS global network.
Encrypting your data, minimizing network hops, and controlling application access help reduce the chances of an attack. With services such as Amazon CloudFront, AWS Global Accelerator, and Amazon Route 53 strategically positioned worldwide, your data delivery attains speeds with only a few milliseconds of latency, thanks to dedicated 100Gbps redundant fiber connections.
When people talk about edge locations on AWS, they usually speak about Amazon CloudFront. CloudFront is a content delivery network (CDN) that serves data directly from the edge locations' cache, making it incredibly fast. Most people utilize CloudFront to expedite webpage loading, store images, or stream videos.
With Amazon Route 53 Global Network, you can deliver and manage DNS servers at a series of worldwide locations, offering you high availability and enhanced performance.
AWS Global Accelerator allows you to proxy requests through Amazon's backbone network. It connects your application to the nearest edge location and then requests travel through Amazon's network, which often provides faster speeds and superior performance compared to the regular internet.
Edge Points of Presence (POPs) and Regional Edge Caches (RECs)
When a user requests data or an object in your application, the request goes from the client to the AWS servers and back to the user. You benefit from the edge networking locations when you distribute your content using CloudFront.
In the scenario above, our website "example.com" uses a CloudFront Distribution to deliver our data to our users. This is what happens next:
The user opens your website and requests an object like an HTML file.
The CloudFront URL/DNS routes the request to the nearest CloudFront Point of Presence (PoP or edge location).
The Edge Location cache is checked.
If the object is in the cache, CloudFront returns it.
If the object is not in the cache, CloudFront forwards the request to your server (CloudFront Origin).
The server returns the data to the edge location.
CloudFront forwards the data to the user and adds it to the cache. For subsequent requests, the data is returned from the cache.
CloudFront's points of presence (POPs, also known as edge locations) ensure that popular content gets delivered to your viewers quickly. If your content isn't popular enough to stay in a POP, CloudFront's regional edge caches bring more of your content closer to your viewers, which still helps make your content run faster.
Regional edge caches help improve all kinds of content, especially content that hasn't been popular for a while and suddenly finds its popularity again (spike or seasonal traffic).
CloudFront rechecks its cache for the requested object in the regional edge cache location. If the object is in the cache, CloudFront forwards it to the POP that requested it. The POP edge location executes the same cycle of delivering and caching data to the user.
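The lookup path described above (POP, then regional edge cache, then origin) can be modelled in a few lines. This is an added example, not code from AWS or from the original article; the cache capacities, the LRU eviction policy and the names `LruCache`, `createEdge` and `demo` are assumptions made for illustration.

```javascript
// Simplified model: POP -> regional edge cache (REC) -> origin.
// Capacities and LRU eviction are assumptions; CloudFront's real policy is not modelled.
class LruCache {
  constructor(capacity) {
    this.capacity = capacity;
    this.items = new Map(); // insertion order: first key = least recently used
  }
  get(key) {
    if (!this.items.has(key)) return undefined;
    const value = this.items.get(key);
    this.items.delete(key); // re-insert to mark as most recently used
    this.items.set(key, value);
    return value;
  }
  set(key, value) {
    this.items.delete(key);
    this.items.set(key, value);
    if (this.items.size > this.capacity) {
      this.items.delete(this.items.keys().next().value); // evict least recently used
    }
  }
}

function createEdge(popCapacity, recCapacity, origin) {
  const pop = new LruCache(popCapacity);
  const rec = new LruCache(recCapacity);
  const stats = { pop: 0, rec: 0, origin: 0 };
  function fetchObject(path) {
    let body = pop.get(path);
    if (body !== undefined) { stats.pop++; return { body, servedFrom: 'pop' }; }
    body = rec.get(path);
    let servedFrom = 'rec';
    if (body === undefined) {
      body = origin(path); // only a miss at both tiers reaches the origin
      rec.set(path, body);
      servedFrom = 'origin';
    }
    stats[servedFrom]++;
    pop.set(path, body); // the POP caches the object on its way to the viewer
    return { body, servedFrom };
  }
  return { fetchObject, stats };
}
// Constructed traffic: a 2-object POP in front of a 10-object REC.
function demo() {
  const edge = createEdge(2, 10, (path) => 'content of ' + path);
  const order = ['/a.html', '/b.css', '/c.js', '/a.html', '/a.html'];
  return { served: order.map((p) => edge.fetchObject(p).servedFrom), stats: edge.stats };
}
```

In the constructed run, `/a.html` is evicted from the small POP but is still answered by the regional edge cache, so the origin sees three requests instead of four.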
As of July 2023, Amazon CloudFront uses a global network of 450+ Points of Presence and 13 regional edge caches in 90+ cities across 49 countries to deliver content to end users with lower latency. Amazon CloudFront Edge locations are located in the following areas:
Compute and Security at the Edge
We can customize the user request, cache, and origin responses at the edge. For example, you can redirect the user request to a different origin or add security headers to the response.
From a security lens, by default, CloudFront improves security and uses AWS Shield to defend against DDoS attacks at no additional charge. You can also add AWS WAF to your CloudFront Distributions and create web access control lists to protect your application from common exploits, limit pervasive bots, and block unwanted fraudulent traffic at the network edge.
To execute and transform at the edge, CloudFront Functions can perform lightweight scripting where you need flexible programming on every request. CloudFront Functions are executed in the edge points of presence (POPs).
Common scenarios are:
HTTP header manipulation
URL rewrites and redirects
Cache manipulation and normalization
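The three scenarios above, written against the CloudFront Functions event format (`event.request`, `event.response`, headers as `{ value: ... }` objects). This is an added example, not code from the original article; `CANONICAL_HOST`, the tracking-parameter list and the function names `onViewerRequest` and `onViewerResponse` are assumptions, and when deployed each function is separate with its entry point named `handler`.

```javascript
// Two CloudFront Functions shown in one file so the example runs offline.
// CANONICAL_HOST and TRACKING_PARAMS are assumed values for illustration.
var CANONICAL_HOST = 'example.com';
var TRACKING_PARAMS = ['utm_source', 'utm_medium', 'utm_campaign', 'fbclid'];

// Viewer request: runs at the POP before the cache lookup.
function onViewerRequest(event) {
  var request = event.request;
  var host = request.headers.host ? request.headers.host.value : '';

  // Redirect: send any other host name to the canonical one. The target is a
  // constant, never the client-supplied Host header, so it cannot be steered.
  if (host !== CANONICAL_HOST) {
    return {
      statusCode: 301,
      statusDescription: 'Moved Permanently',
      headers: { location: { value: 'https://' + CANONICAL_HOST + request.uri } }
    };
  }

  // Cache normalization: drop parameters that do not change the response, so
  // they cannot fragment the cache when query strings are part of the cache key.
  TRACKING_PARAMS.forEach(function (name) { delete request.querystring[name]; });

  // URL rewrite: map directory-style paths to their index document.
  if (request.uri.slice(-1) === '/') {
    request.uri += 'index.html';
  }
  return request;
}

// Viewer response: add security headers before the response leaves the POP.
function onViewerResponse(event) {
  var response = event.response;
  var headers = response.headers;
  headers['strict-transport-security'] = { value: 'max-age=63072000; includeSubDomains' };
  headers['x-content-type-options'] = { value: 'nosniff' };
  headers['x-frame-options'] = { value: 'DENY' };
  headers['referrer-policy'] = { value: 'same-origin' };
  return response;
}
```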
Common scenarios are:
Dynamically routing across origins and data centers
Real-time image transformation and manipulation
Tracking and Analytics
AWS has a global infrastructure that is continuously expanding. Leveraging AWS Edge Networking services ensures fast, secure, and efficient content delivery globally, enhancing the performance and reliability of applications.
CloudFront plays a vital role in this global infrastructure. It provides a content delivery network (CDN) that enables you to deliver data faster, save money, and increase security.
CloudFront integrations with AWS Shield, AWS WAF, Lambda@Edge, and features like CloudFront Functions, Distributions, and Origins help you build a more secure and scalable application.
You can also use CloudFront to secure your data by encrypting it using HTTPS or TLS for any origin, including custom domains.
To ramp up your CloudFront skills, visit AWS Skill Builder - Introduction to Amazon CloudFront and check out the AWS Workshop - Accelerate your content using Amazon CloudFront.
Frequently Asked Questions (FAQs)
What is AWS Global Infrastructure, and how extensive is it?
AWS Global Infrastructure is a vast network of data centers, boasting an impressive 99 Availability Zones across 31 geographic regions worldwide. AWS has plans to further expand with 15 more Availability Zones and five new AWS Regions in Canada, Israel, Malaysia, New Zealand, and Thailand.
How do edge locations differ from AWS regions?
AWS Edge Locations are strategically positioned points in the AWS network optimized for low-latency content delivery, ensuring that data reaches users swiftly. In contrast, AWS regions are larger geographic areas with multiple Availability Zones.
What are some services that utilize AWS Edge Locations for content delivery?
Key services that leverage AWS Edge Locations include Amazon CloudFront, AWS Global Accelerator, and Amazon Route 53. These services are strategically placed worldwide to expedite data delivery with minimal latency.
What are AWS Edge Locations, and why are they important for applications?
AWS Edge Locations are pivotal elements of the AWS network, purposefully situated to enhance application performance. They reduce latency and ensure efficient content delivery, safeguarding your data from the unpredictability of the internet.
How does Amazon CloudFront work, and what is its primary use case?
Amazon CloudFront is a content delivery network (CDN) that excels at delivering data directly from the cache of AWS Edge Locations, making it exceptionally fast. Most commonly, it's used to accelerate webpage loading, store images, or stream videos.
What are Edge Points of Presence (POPs) and Regional Edge Caches (RECs)?
Edge POPs serve as initial destinations for content requests within CloudFront, optimizing data retrieval. Regional Edge Caches (RECs) are instrumental in storing less popular content closer to viewers, significantly improving content delivery, especially during traffic spikes.
How does CloudFront enhance security and defend against DDoS attacks?
CloudFront enhances security by default, incorporating AWS Shield to guard against Distributed Denial of Service (DDoS) attacks at no extra cost. Moreover, AWS WAF can be added to CloudFront Distributions, enabling the creation of web access control lists for robust protection against common exploits and fraudulent traffic at the network edge.