[toast0]

AWS charges an arm and a leg for outbound traffic, inbound traffic is free. Volumetric attacks are all about overwhelming your inbound; if AWS will swallow that at their ACL layer for you, that's seems pretty useful, and shouldn't generate billing.

[dragonwriter]

OTOH, it's tricky to direct your inbound to AWS without involving them in your outbound...

[toast0]

Certainly... It was more of a if you're on AWS and you attract a volumetric attack, it's not going to cost you an arm and a leg.

Maybe you could run www on AWS and your real service somewhere with reasonable prices for traffic. In my experience, people who randomly DDoS tend to hit www rather than useful parts of a service.

[judge2020]

In terms of running a data lake or keeping stuff for a long time, it's great, but of course they're banking on you moving a bunch of data to AWS to either train ML off of (compute costs) or keep it there and rack up storage space charges.

[mekster]

Seems to benefit AWS as well when if it's not blocked, your server can respond with some payload which means useless outbound traffic for AWS to pay and to charge customer to make them unhappy but instead if AWS drops them, good for both.