Content Delivery Network (CDN) is a critical piece in your app eco system as it ensures faster delivery of your media and static content to your app users. Since our complete infrastructure is hosted on AWS, CDN services were being availed from AWS itself.
On side note, I am a big AWS fan and during my startup journey we have always preferred AWS as compare to other IaaS provider due to its reliability, ease of use and better pricing. However there are few points which you might need to remember when it comes to pricing and application security on AWS
AWS charges for data out
AWS charges to customer based on the data that has been flushed to end users. Now if you have a file of 1 MB on CDN and it has been served to end users to 1000 times in a month, you have to pay for 1 GB of data out in that month. Now if you have significant active users and do have media and static contents, you may see a good amount of $ being spend on data out in your AWS bills.
AWS WAF is not feature rich
WAF (Web Application Firewall) is an essential tool and should not be overlooked as it secures your web application from critical security vulnerabilities which includes OWASP top 10 and other day zero vulnerabilities. AWS WAF is not a self service tool, and you will end writing lots of rule and code on top of it.
Lets talk about Cloudflare a bit
On the other hand, Cloudflare is essentially a security company and provides lots of offering around it. Cloudflare WAF is easy to use and is a self managed service. It provides protection from different kind of security vulnerabilities including OWASP top 10 to your web application and API infrastructure. It also provides lots of performance management tools like caching, Image optimization etc with their CDN services.
And you know what… they dont charge for data out usage for your media and static contents … Yes you heard it Right!!!
So if you are looking for any WAF solution for your app infrastructure, Cloudflare can give you these advantages if you use their CDN along.
P.S. I am not here to promote Cloudflare services, instead I have written my experience and advantage that we have got while using WAF and CDN services.