Aws - Cloudfront

> AWS (Amazon Web Services)

1 - About

Amazon CloudFront is the CDN offering of AWS

Advertising

3 - Concept

3.1 - Distribution

A distribution got all parameters of a web site (where the data comes from, certificate, …)

4 - Management

4.1 - Create origin-access-identity

aws cloudfront create-cloud-front-origin-access-identity --cloud-front-origin-access-identity-config CallerReference=Mysfits,Comment=Mysfits
{
    "CloudFrontOriginAccessIdentity": {
        "CloudFrontOriginAccessIdentityConfig": {
            "Comment": "Mysfits", 
            "CallerReference": "Mysfits"
        }, 
        "S3CanonicalUserId": "ABCABCCCAfICCQD6m7oRw0uXOjANBgkqhkiG9w0BAQUFADCBiDELMAkGA1EXAMPLE", 
        "Id": "CLOUDFRONT_ORIGIN_ACCESS_IDENTITY_ID"
    }, 
    "ETag": "ANPAJ2UCCR6DPCEXAMPLE", 
    "Location": "https://cloudfront.amazonaws.com/2017-10-30/origin-access-identity/cloudfront/ANPAJ2UCCR6DPCEXAMPLE"
}

4.2 - Create a distribution

  • After CloudFront creates your distribution, the value of Status will change from In Progress to Deployed.
  • Note the DomainName as that will be your web site.
  • If this is a web site used for more than just testing you should enable logging, and consider the AWS Web Application Firewall (WAF) service to help protect. For more information: Values That You Specify When You Create or Update a Web Distribution

Example on how to Create a CloudFront distribution, and configure the S3 bucket as the origin . The caller reference is created with the origin-access-identity

website-cloudfront-distribution.json
{
  "CallerReference": "REPLACE_ME_CLOUDFRONT_CALLER_REFERENCE",
  "Aliases": {
    "Quantity": 0
  },
  "DefaultRootObject": "index.html",
  "Origins": {
    "Quantity": 1,
    "Items": [
      {
        "Id": "REPLACE_ME_CLOUDFRONT_CALLER_REFERENCE",
        "DomainName": "REPLACE_ME_BUCKET_NAME.s3.amazonaws.com",
        "S3OriginConfig": {
          "OriginAccessIdentity": "origin-access-identity/cloudfront/REPLACE_ME_CLOUDFRONT_ORIGIN_ACCESS_IDENTITY_ID"
        }
      }
    ]
  },
  "DefaultCacheBehavior": {
    "TargetOriginId": "REPLACE_ME_CLOUDFRONT_CALLER_REFERENCE",
    "ForwardedValues": {
      "QueryString": true,
      "Cookies": {
        "Forward": "none"
      }
    },
    "TrustedSigners": {
      "Enabled": false,
      "Quantity": 0
    },
    "ViewerProtocolPolicy": "allow-all",
    "MinTTL": 0,
    "MaxTTL": 0,
    "DefaultTTL": 0
  },
  "CacheBehaviors": {
    "Quantity": 0
  },
  "Comment": "",
  "Logging": {
    "Enabled": false,
    "IncludeCookies": true,
    "Bucket": "",
    "Prefix": ""
  },
  "PriceClass": "PriceClass_All",
  "Enabled": true
}
aws cloudfront create-distribution --distribution-config file://pathToMyFile/website-cloudfront-distribution.json
Advertising

4.3 - List distribution

aws cloudfront list-distributions
output.json
{
    "DistributionList": {
        "Items": [
            {
                "Id": "E2E1NPPMOAPD5N",
                "ARN": "arn:aws:cloudfront::REPLACE_ME_ACCOUNT_ID:distribution/E2E1N6EEEAPD5N",
                "Status": "Deployed",
                "LastModifiedTime": "2019-04-08T17:47:49.770Z",
                "DomainName": "dyxpld3sqxwc9.cloudfront.net",
                "Aliases": {
                    "Quantity": 0
                },
                "Origins": {
                    "Quantity": 1,
                    "Items": [
                        {
                            "Id": "Mysfits",
                            "DomainName": "web-app-modern.s3.amazonaws.com",
                            "OriginPath": "",
                            ...............

4.4 - Update distribution

4.5 - Testing a distribution

5 - Documentation / Reference