When you have an application behind CloudFront that is read-heavy (like most static websites) you will find that the AWS CloudFront costs can be a nasty surprise on your AWS bill. These costs can be very high and surprise you.
This is mainly due to the data transfer costs of AWS, you can read more about that here. If you move 100TB through CloudFront in a month (EU region), it will net you a bill of 6000 USD!
You can get lower prices if you commit to a certain amount of volume (min volume of 10TB per month). That would still net you 600 USD in data transfer cost (EU region) on a monthly basis. If you are serving a lot of data from AWS CloudFront like videos and such, this can become a major cost for your organization.
There are two ways around this problem:
Put Cloudflare in front of AWS CloudFront
Simply route traffic through Cloudflare, so Cloudflare can cache the data (add a CNAME record for Cloudfront in Cloudflare, and make sure the cloud icon is “on” for this record). CloudFlare will then hit AWS CloudFront for content (the amount of data transfer from Cloudfront to Cloudflare will then depend on your cache settings).
This is a pragmatic approach and does not require you to do a lot of changes. It also keeps data transfer inside AWS (ie. the data needed to upload videos or content to S3 can be done through VPC endpoints).
Switch to Cloudflare R2
You can switch your static assets to R2 (it is object storage and compatible with Amazon S3). This means that you will incur charges to upload to R2 (data transfer from AWS), but these costs will be lower and some might fall into the free tier.
Data transfer from Cloudflare R2 to Cloudflare is free, and egress traffic is free with Cloudflare in all cases.
This approach is beneficial if you do not have a lot of features of S3 that you need.
Cloudflare is free, but for 200 USD per month you get amazing features like a WAF that runs circles around Amazon WAF.
If other services are running up your bill, feel free to contact us for some more tips!