AWS CloudFront Pricing and Cost Optimization Guide - ­čĆć Managed Server


18 September 2022

AWS CloudFront Pricing and Cost Optimization Guide

Learn how to save budget on Amazon AWS CloudFront data transfer

Amazon AWS CloudFront

CloudFront is a CDN (Content Delivery Network) owned by AWS. CDNs are primarily used for caching and many customers also use the AWS CloudFront CDN as a security level or use it to manage network spikes. With AWS CloudFront CDN, when a user requests a web page or image, the request is routed to one of the over 225 Amazon edge servers. If the Edge Server already has the cached resource, it is served to the client. If the resource is not on the edge server, it makes a request to a larger edge server called the regional edge cache, if not present, the request goes to an origin server hosting your application. The Edge Server then saves a copy of the response locally so that it can handle the next request without annoying the origin server. This reduces the load on the origin server, helping you to keep the instance hosting your application small and is able to reduce latency for clients by moving commonly requested resources closer to the requestor. This is great for latency and user experience, but how does it affect costs?

This CloudFront help will guide you through the following:

  • AWS CloudFront Pricing
  • Factors that Determine the Cost of Amazon CloudFront
  • Ways to Reduce CloudFront Costs

AWS CloudFront Pricing

AWS CloudFront pricing starts with a very simple pricing model, you are charged for the GBs transferred to the Internet and for each HTTP request. There are also many optional features, such as encryption, logging, Origin Shield, file invalidation, and Edge Server Lambda invocations which can also incur additional CloudFront costs .

AWS cloudfront scheme

CloudFront Cost and AWS Data Transfer Cost

AWS CloudFront cost is billed per GB transferred from any CloudFront edge server to the Internet. Once you start transferring more than 40TB of data, you are charged less per GB and the cost continues to decrease as you transfer more data until you reach 5PB. Like most AWS services, these costs vary by region. The initial rate for publishing data in the cheapest regions (US, Mexico, Canada, Europe, and Israel) is $ 0,085 per GB, and this cost doubles to $ 0,170 when serving data in the most expensive region (India). You are also charged for requests that send data to your source application, such as WebSocket connections, or data attached to PUT requests from a client. Because CloudFront is inherently global, the region for which you are billed is not determined by where the application resides, but where the requests to your application originate from. You can manage these costs by setting a price class on your CloudFront distribution which excludes certain regions from your edge server network.

You can get one Amazon CloudFront pricing discount committing to a regular usage level (typically at least 10 TB transferred per month for a one-year commitment period). Unlike many other services, these CloudFront ÔÇťReserved InstanceÔÇŁ pricing are not published, but if your organization can reasonably commit to transferring that data over a long period of time, it could reduce your costs, so contact AWS and ask. You can also get a 30% discount by signing up for the CloudFront Security Savings Bundle . You need to commit to spending a specific amount on CloudFront services each month for at least a year, and it's a great deal if you're also thinking about using Amazon Web Application Firewall (WAF) because 10% of the commitment value is generated as a WAF credit.

CloudFront Request Costs

Another factor in the prices of AWS CloudFront is charged for 10.000 HTTP requests and you will pay a surcharge of approximately 25% to handle HTTPS requests. These CloudFront costs also vary based on the region where the request originated, but the price difference is less dramatic than for data transfer, going from a 100% premium for data transfer to the most expensive regions to a 10% premium for handling requests from these areas.

Other CloudFront Costs

OriginShield is an additional caching layer that operates (and is priced based on) your origin server's Availability Zone. All requests to the origin server go through this single caching layer, so that users accessing different edge servers in different locations can receive the same cached content, and applications that manage multiple CDNs have access to a unifying caching layer. This service is charged at the same rate as HTTP requests, in addition to the cost of any request that goes through an edge server. CloudFront also allows you to encrypt specific fields therefore only applications that have access to the decryption key are able to see sensitive data. This service costs $ 0,02 for every 10.000 encrypted requests (in addition to the cost of HTTPS requests). You have the ability to generate and monitor logs in real time at a cost of $ 0,01 for every 1.000.000 log lines written. Finally, you can provide custom SSL certificates and domain names for your CloudFront distributions for $ 600 per month.


How to Reduce Your AWS CloudFront Costs

Now with the understanding of the prices of Amazon CloudFront and of the many cost factors that contribute to its use, there are several practical and common ways to reduce the costs of CloudFront. Below we'll walk you through ways to reduce S3 and EC2 costs with CloudFront, the best way to set up CloudFront, and how to increase your cache hit rate to reduce costs.

Reduce AWS S3 and EC2 Costs with CloudFront

One of the most common uses of CloudFront is web content distribution and multimedia stored in an S3 bucket or EC2 instance to customers around the world. At low volumes of data, the cost of using S3 is actually lower because every month you get the first GB transferred for free, but as soon as you start increasing your usage, the lower cost per GB to serve the data from CloudFront. In an economic region like eastern Ohio in the United States, that inflection point is 18GB.

Once the amount of data transferred over the Internet increases, the price gap for data transfer costs starts to widen. Once you start transferring terabytes of data, the distance between publishing content from an origin like S3 and using CloudFront for content delivery increases dramatically.

It is important to realize that CloudFront has a special status in the AWS universe. Normally, you are charged for data transferred between Availability Zones. However, the data transferred from AWS services to CloudFront servers does not cost a dime. If you're transferring a very small amount of data over the internet, it's cheaper not to use CloudFront, but if you're transferring data between zones or dealing with higher data transfer costs, CloudFront will almost always save you money. This special status also makes it convenient to always associate CloudFront with hosting the origin server on the AWS network. If you host your origin server yourself or use a different provider, those savings on data transfer vanish and you have to pay to transfer the data to CloudFront, which means that every time an item is not in the cache, you pay twice,

Comparing the cost of handling HTTP requests between S3 and CloudFront is less straightforward. If your application only provides GET results, handling requests from an S3 bucket is significantly cheaper. In the U.S. Eastern Ohio, you'll pay $ 0,004 for 10.000 requests made directly versus an S3 bucket, but you'll pay at least $ 0,0075 to fulfill requests from CloudFront, which makes it nearly 90% more expensive. This calculation is reversed once you start mixing POST requests. The price does not change based on the request type for CloudFront, but increases by more than 100% for S3 buckets, you will pay $ 0,05 to serve 10.000 POST requests, so CloudFront becomes the best offer, offering 85 discount % on this type of request.

For most applications, data transfer costs and instance size savings will significantly overshadow the cost of processing requests, so this difference is rarely significant, but if much of the cost for the CloudFront application is caused by a lot of small file requests and you can guarantee that those requests will mostly GET and consider skipping CloudFront. Regarding the requests, you should also consider how necessary the use of HTTPS is for your application. Handling HTTPS requests adds about 25% to request costs, so if you're not receiving sensitive data, using a simple HTTP can save you a lot of tweaking.

Configuring Amazon CloudFront to Reduce Costs

One of the best ways to reduce requests to any web server is to cache the content in the client's browser. This basic idea applies twice when using CloudFront, as CloudFront adds a second layer of caching, files are also cached on edge servers. By default, all files served by the CloudFront Edge Server expire after 24 hours, which is too low for many types of content. You can increase the value of your CloudFront network by appropriately caching objects, especially those that you are sure will not change for a while. You can set how long both the client and edge server cache objects by setting the Cache-ControlHTTP header on the origin server. You can also instruct your edge servers to implement their own caching policies by setting the values Time To Live (TTL). when you create or update your CloudFront distribution. Keep in mind that Edge Server caching is important to plan and implement carefully because if you want to invalidate files before they expire, you can invalidate 1.000 paths for free every month, but you will pay $ 0,005 for invalid path after this limit.

AWS CloudFront cache hit rate increased

One of the main objectives of CloudFront CDN is to avoid flooding the origin server by allowing edge servers to efficiently respond to client requests. This functionality is compromised if most clients end up requesting content that is not cached. The ratio of the requests that are handled by the Edge Server to the number of requests that arrive at the Origin Server is called the cache hit ratio. You can increase this ratio by understanding how the cache key. When a resource is requested by a client, CloudFront generates a cache key (by default, this uses the domain of the distribution and the path of the requested object, but you can change these settings it then stores the cache key and uses it to fulfill future match requests. To increase hit rate, consolidate application views to resolve into a single cache key and avoid adding data that could cause two requests with the same results to generate different cache keys, such as creating two URLs that point to the same resource.

Compression to reduce Amazon CloudFront costs

CloudFront can be configured for automatically compress some file types. Compressing CloudFront will result in faster load time for clients and reduce costs as edge servers transfer smaller amounts of data to clients. In addition to using default compression, compress resources when they are generated by the source server.

AWS CloudFront Free Tier

Il CloudFront free tier is one of the most generous in the AWS family, you get 50GB of outbound data transfer and two million requests every month for a year. If you're not already using CloudFront, the free plan can help you decide whether it can help you scale the instance serving your application or dramatically improve the customer experience by decreasing load time.



Amazon CloudFront CDN makes it easy to manage resources from a globally distributed CDN. This can reduce latency, handle peak demand, and decrease the load on application servers. Leveraging good caching, compression, and understanding of how the cache key works allows CloudFront to perform these tasks effectively, which helps you get the most out of the service. If you need help to monitor and reduce the costs of your AWS services , remember that you can always contact Managed Server Srl for help.

Do you have doubts? Don't know where to start? Contact us!

We have all the answers to your questions to help you make the right choice.

Chat with us

Chat directly with our presales support.


Contact us by phone during office hours 9:30 - 19:30

Contact us online

Open a request directly in the contact area.


Managed Server Srl is a leading Italian player in providing advanced GNU/Linux system solutions oriented towards high performance. With a low-cost and predictable subscription model, we ensure that our customers have access to advanced technologies in hosting, dedicated servers and cloud services. In addition to this, we offer systems consultancy on Linux systems and specialized maintenance in DBMS, IT Security, Cloud and much more. We stand out for our expertise in hosting leading Open Source CMS such as WordPress, WooCommerce, Drupal, Prestashop, Joomla, OpenCart and Magento, supported by a high-level support and consultancy service suitable for Public Administration, SMEs and any size.

Red Hat, Inc. owns the rights to Red Hat┬«, RHEL┬«, RedHat Linux┬«, and CentOS┬«; AlmaLinuxÔäó is a trademark of AlmaLinux OS Foundation; Rocky Linux┬« is a registered trademark of the Rocky Linux Foundation; SUSE┬« is a registered trademark of SUSE LLC; Canonical Ltd. owns the rights to Ubuntu┬«; Software in the Public Interest, Inc. holds the rights to Debian┬«; Linus Torvalds holds the rights to Linux┬«; FreeBSD┬« is a registered trademark of The FreeBSD Foundation; NetBSD┬« is a registered trademark of The NetBSD Foundation; OpenBSD┬« is a registered trademark of Theo de Raadt. Oracle Corporation owns the rights to Oracle┬«, MySQL┬«, and MyRocks┬«; Percona┬« is a registered trademark of Percona LLC; MariaDB┬« is a registered trademark of MariaDB Corporation Ab; REDIS┬« is a registered trademark of Redis Labs Ltd. F5 Networks, Inc. owns the rights to NGINX┬« and NGINX Plus┬«; Varnish┬« is a registered trademark of Varnish Software AB. Adobe Inc. holds the rights to Magento┬«; PrestaShop┬« is a registered trademark of PrestaShop SA; OpenCart┬« is a registered trademark of OpenCart Limited. Automattic Inc. owns the rights to WordPress┬«, WooCommerce┬«, and JetPack┬«; Open Source Matters, Inc. owns the rights to Joomla┬«; Dries Buytaert holds the rights to Drupal┬«. Amazon Web Services, Inc. holds the rights to AWS┬«; Google LLC holds the rights to Google CloudÔäó and ChromeÔäó; Microsoft Corporation holds the rights to Microsoft┬«, Azure┬«, and Internet Explorer┬«; Mozilla Foundation owns the rights to Firefox┬«. Apache┬« is a registered trademark of The Apache Software Foundation; PHP┬« is a registered trademark of the PHP Group. CloudFlare┬« is a registered trademark of Cloudflare, Inc.; NETSCOUT┬« is a registered trademark of NETSCOUT Systems Inc.; ElasticSearch┬«, LogStash┬«, and Kibana┬« are registered trademarks of Elastic NV Hetzner Online GmbH owns the rights to Hetzner┬«; OVHcloud is a registered trademark of OVH Groupe SAS; cPanel┬«, LLC owns the rights to cPanel┬«; Plesk┬« is a registered trademark of Plesk International GmbH; Facebook, Inc. owns the rights to Facebook┬«. This site is not affiliated, sponsored or otherwise associated with any of the entities mentioned above and does not represent any of these entities in any way. All rights to the brands and product names mentioned are the property of their respective copyright holders. Any other trademarks mentioned belong to their registrants. MANAGED SERVER┬« is a trademark registered at European level by MANAGED SERVER SRL, Via Enzo Ferrari, 9, 62012 Civitanova Marche (MC), Italy.

Back to top