CloudFront

Overview

• Content Delivery Network (CDN)

• Improves read performance, content is cached at the edge

• Improves users experience

• 216 Point of Presence globally (edge locations)

• DDoS protection (because worldwide), integration with Shield, AWS Web Application Firewall

https://aws.amazon.com/cloudfront/features/?nc=sn&loc=2

Origins

• S3 bucket

• For distributing files and caching them at the edge

• Enhanced security with CloudFront Origin Access Control (OAC)

• OACisreplacingOriginAccessIdentity(OAI)

• CloudFront can be used as an ingress (to upload files to S3)

• Custom Origin (HTTP)

• Application Load Balancer

• EC2 instance

• S3 website (must first enable the bucket as a static S3 website)

• Any HTTP backend you want

High level

S3 as an Origin

CloudFront vs S3 Cross Region Replication

• CloudFront:

• Global Edge network

• Files are cached for a TTL (maybe a day)

• Great for static content that must be available everywhere

• S3 Cross Region Replication:

• Must be setup for each region you want replication to happen

• Files are updated in near real-time

• Read-only

• Great for dynamic content that needs to be available at low-latency in few regions