Amazon CloudFront

What is Amazon CloudFront?

Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds. It uses a global network of Edge Locations to serve content closer to users.

Key Concepts

1. Edge Locations

• Data centers located all around the world (more than 600+ PoPs).
• They cache content to reduce the distance between the user and the data.

2. Origins

• The source of the files. CloudFront fetches files from here if they aren't already cached at the Edge.
• Common Origins: S3 Buckets, ELB (Load Balancers), EC2 Instances, or even on-premise servers.

3. Distributions

• The configuration of your CDN. You create a "CloudFront Distribution" to tell AWS which origin to use and how to handle caching.

4. Caching & TTL

• TTL (Time-to-Live): Determines how long a file stays in the cache before CloudFront checks the origin for a new version.
• Invalidation: A process to forcefully remove files from the cache before the TTL expires (e.g., when you update a website image immediately).

5. Security

• OAC (Origin Access Control): Restricts access so users can only access files via CloudFront, not directly from the S3 bucket.
• AWS Shield & WAF: Integrated protection against DDoS attacks and web exploits.
• HTTPS: Free SSl/TLS certificates via ACM.

Exam Tips

Common Use Cases

• Website Acceleration: Speed up loading times for global users.
• Video Streaming: Delivering on-demand or live video (HLS/DASH).
• Software Distribution: Downloading OS updates or game patches.
• Security at the Edge: Blocking attacks before they reach your servers.