The conclusion is for an origin server halfway across the world from your users, CloudFront with Origin Shield is basically equivalent to CloudFlare with Argo (latency).<p>The other takeaway is AWS documentation is kind of dodgy for some services. But basically everyone knows that already.
IMO Perfomance wise CloudFront and Cloudfront are quite similar.<p>I've migrated from CloudFront+AWS WAF to just CloudFlare given Cloudflare's superior (100x better) WAF/Firewall/DDOS protection at a lower cost
This was probably the first article on hacker news that actually had some type of business impact for me, so thanks for posting!!! Have already added Origin Shield and it's made somewhat of a speed boost
TLDR, adding an "edge" in front of your application incurs a connection setup cost which can be 2-3x RTT and is especially noticeable when you don't have a large QPS and are in a region like APAC where geographically close networks often have high latencies between each other. Both Argo and OriginShield seem to pool more aggressively, often going cross-datacenter to avoid hitting origin which sometimes saves this setup cost by coalescing onto warm connections, but only sometimes (notice how spiky their Argo graphs are, the p90 request is probably no faster than before).