by AnthonyMouse 1636 days ago
That isn't very specific about how it works ("defends against the most common, frequently occurring network and transport layer DDoS attacks" whatever that means), but it sounds like they're going to drop weird looking packets.

The problem is, one of the more common types of DDoS is that the attacker has a botnet with a million machines in it and has them all make legitimate requests to your service all day, thereby overloading it. This looks just like a large volume of legitimate requests, because it is. S3 or similar isn't going to get overloaded, but then what stops you from getting a bill the size of the moon?

To do otherwise they'd either have to be able to distinguish these from legitimate requests (how?) or give you free traffic when you claim you were under a DDoS that they can't distinguish from a large volume of legitimate traffic (unlikely).

1 comments

Why is this unlikely? If you do it several times then they will start to get annoyed and say no, but a service like AWS is all about the long-term customer relations. I've had bills of ~$1k refunded even though I'm a ~$3 p.m. user.
Waiving a bill for a thousand dollars isn't really costing them a thousand dollars because their underlying cost is much lower than that.

Do the math on how much the S3 bill would be if a million bots each with a 100Mbps cable connection would DDoS you for a month. A thousand dollars is too low by how many orders of magnitude?

You might get them to waive that, maybe, or maybe not. Even at their cost they'd never make it back from you. Do you have any guarantee that they will? What happens if they don't? What happens if they do it once, but the attack hasn't ended?