Tradeoffs
Rendorix-style systems trade operational ownership (AWS, Terraform, signing, observability) for control: presets, your edge rules, and no per-request vendor markup beyond what AWS bills. Use this page to set expectations and compare with managed image APIs or self-hosted workers.
Cost drivers
Section titled “Cost drivers”| Area | What moves the needle |
|---|---|
| CloudFront | Egress and request volume; successful caching reduces origin hits. |
| Lambda | Invocations, duration × memory; cold starts hit latency more often than they dominate dollars unless invocation count is very high. |
| S3 | GETs on originals, storage class, and egress if traffic does not stay on optimized paths. |
| Edge logic | CloudFront Functions / Lambda@Edge are usually small next to transform Lambda unless the edge code is heavy. |
| People | On-call, Terraform reviews, key rotation—real cost beyond the AWS invoice. |
Lever: cache hit ratio on unique (asset × preset × options). Unbounded unique URLs (e.g. arbitrary widths from clients) crater hit rate—see Caching and Overrides.
Caching and hit rate
Section titled “Caching and hit rate”- High hit rate: most responses are bytes from the CDN; Lambda and S3 reads happen mainly for new variants or after invalidation.
- Low hit rate: many slightly different queries each pay for a full transform.
Presets and tight override policies increase reuse of the same logical output. Pair HTTP cache TTL with signed URL lifetime and your product’s freshness needs.
Operational and architectural complexity
Section titled “Operational and architectural complexity”Versus a hosted image SaaS (API key + dashboard): you own IAM, Terraform, optional WAF, signing rotation, and incidents when keys leak or 403s spike. You gain residency choices, custom edge policy, and direct AWS cost visibility—but you must design quotas and abuse limits yourself.
Versus “Sharp on a VM”: serverless scales toward zero when idle; VMs need patching and capacity planning. Debugging distributed edge + Lambda can feel harder than one box with ssh and logs.
Versus only build-time / client resizing: on-the-fly formats (WebP, AVIF) and presets without pre-generating every variant at upload cost signing and runtime compute.
When not to use Rendorix
Section titled “When not to use Rendorix”- You need a full DAM (approvals, taxonomy, enterprise search)—Rendorix targets delivery, not library management.
- You cannot or will not operate Terraform/AWS comfortably—a managed API may ship faster.
- You require sub-10ms p99 globally on uncached first transforms—first paint per new cache key will miss; you need a different warm-path or pre-generation strategy.
- Delivery must be air-gapped or non-HTTPS in ways that conflict with a standard edge + browser model.