> Even if you run an extra host like www.yourdomain.de for Germans, they could still type www.yourdomain.com into their browser and this alone would cause tcp packets to flow from their machin to CloudFront. There is no way to avoid this.
If you're adamant on running US infrastructure for US users and EU infrastructure for EU users, you can do that by using GeoDNS/Regional Records.
But personally I find it easier to treat everyone as a EU user, and I store no personally identifiable information what so ever except information given by users themselves (like emails for registration), so maximum privacy for my users.
> Even if you run an extra host like www.yourdomain.de for Germans, they could still type www.yourdomain.com into their browser and this alone would cause tcp packets to flow from their machin to CloudFront. There is no way to avoid this.
If you're adamant on running US infrastructure for US users and EU infrastructure for EU users, you can do that by using GeoDNS/Regional Records.
But personally I find it easier to treat everyone as a EU user, and I store no personally identifiable information what so ever except information given by users themselves (like emails for registration), so maximum privacy for my users.