• Content Delivery Network (CDN)
• Improves read performance, content is cached at the edge
• DDoS protection (because worldwide), integration with Shield, AWS Web Application Firewall
• Cloud Front Origins
  • S3 buckets
  • Application Load Balancer
  • EC2 instance
  • Any HTTP backend you want
• Need OAC(Origin Access control) to allow access from CloudFront to your bucket

CloudFront vs S3 Cross Region Replication

• CloudFront: • Global Edge network • Files are cached for a TTL (maybe a day) • Great for static content that must be available everywhere
• S3 Cross Region Replication: • Must be setup for each region you want replication to happen • Files are updated in near real-time • Read only • Great for dynamic content that needs to be available at low-latency in few regions

Cloud Front Access Logs

• It’s possible to generate reports on:
  • Cache Statistics Report
  • Popular Objects Report
  • Top Referrers Report
  • Usage Reports
  • Viewers Report

CloudFront Caching

• Cache based on • Headers • Session Cookies • Query String Parameters
• The cache lives at each CloudFront Edge Location
• You want to maximize the cache hit rate to minimize requests on the origin
• Control the TTL (0 seconds to 1 year), can be set by the origin using the Cache- Control header, Expires header…

CloudFront Cache Behaviour for Headers

1. Forward all headers to your origin
   • no caching, every request to origin
   • TTL must be set to 0
2. Forward a whitelist of headers
   • caching based on values in all the specified headers
3. (None) == Forward only the default headers

   • no caching based on request headers

   • Best caching performance