Amazon CloudFront (CF) is a global, content distribution network for delivering content stored in your S3 buckets. It is an additional service that's offered by Amazon that you must sign-up for in order to use. CF distributions provide an efficient way of delivering key content to end users all over the world by using a global network of edge locations. An edge location is a geographical site where CloudFront caches copies of commonly downloaded objects such as web pages, images, media files, etc. Since EC2 instances are region-specific, delivering content with low latencies around the world can be difficult. In order to provide faster download times for your global userbase, set up CloudFront distributions for commonly downloaded assets.

An origin server for CloudFront is an S3 bucket that contains the original version (master copy) of an object. When a user requests one of the objects in your CF distribution, CloudFront determines which edge location is best able to serve the content for future requests. Although normal latencies are expected for the first request, subsequent requests will be downloaded much faster because a copy of the object will remain cached at the edge location until the object's TTL expires. (default = 1hr)

There are two types of CF distributions that you can create:

  • basic - ideal for serving commonly used static content
  • streaming - ideal of serving commonly downloaded media files

You can set up a CloudFront distribution to serve both public and private content. See Serving Private Content.

Before you can create a distribution, you must first sign-up for the Amazon's CloudFront service. Be sure to review their detailed pricinginformation.

To learn more, check out our blog post: Amazon releases CloudFront: a cloud content distribution network or see Amazon CloudFront or the Getting Started Guide.

Things to Consider

  • CloudFront is very particular about S3 bucket names. You may need to create a new S3 bucket that has a compatible bucket name. See the S3 Bucket Names for CloudFront section below.
  • You can create multiple distributions that reference the same S3 bucket.
  • Only objects that have public-read access will be available for distribution.
  • 'https' links are not supported
  • If you are using a CNAME, you must first be sure to register that domain with your DNS provider. It must also be a unique name that's unused. For example, you cannot use mysite.com as a CNAME. You must create a new subdomain (ex: assets.mysite.com).
  • You can specify up to 10 CNAMEs per distribution.
  • CloudFront is not AWS-region specific.
  • You can have up to 100 CF distributions
  • If you overwrite an existing object in a distribution, Cloudfront will not push the new version of the object to an edge location until the object's TTL has been expired and an end user makes a request for the object at that edge location.

S3 Bucket Names for CloudFront

In order for an S3 bucket to be compatible with CloudFront, it must conform to DNS requirements. Therefore, you may need to create a new S3 bucket. Follow the naming convention guidelines below to create a valid S3 bucket for CloudFront.

Bucket Names...

  • should not include underscores (Invalid Example: right_scale)
  • should not include capital letters (Invalid Example: RightScale)
  • should be between 3 to 63 characters long
  • should not end with a dash (Invalid Example: rightscale-)
  • should not contain dashes next to periods. (Invalid Example: right-.scale)

See Bucket Restrictions and Limitations in the Amazon Simple Storage Service Developer Guide.

Working with CloudFront Distributions in RightScale

Navigating to Clouds > AWS Global > CF Distributions in the CM dashboard displays the CloudFront Distributions page. This page lists the following CloudFront information:

  • Nickname - A user specified nickname for the CF distribution
  • Identification (ID) - Unique identifier that is autogenerated by AWS during the creation process and assigned to the distribution (e.g. E2Q0AOE2Q0AOL)
  • Type - The type of CF distribution (basic or streaming)
  • Origin Type - The type of storage that will be used as the origin server, which stores master copies of the assets that will be served by CloudFront. (e.g. S3 or custom)
  • DNS Name - The DNS name of the origin server. (e.g. For S3, it would be 'mybucket.s3.amazonaws.com')
  • S3 Bucket - Name of the S3 bucket that will serve as the origin server for your distribution. It will contain the master copies of your objects. (e.g. mybucket)
  • Domain - The CloudFront domain name you need to use when linking to your objects. (e.g. d60472d6047qy9.mysite.com). You will use the domain name to construct a link to an object.
  • Origin Access Identity - The virtual identity that will be used to give your CF distribution permission to fetch a private object from your origin server (S3 bucket). Use the OAI to configure the distribution so that end users can only access objects in an Amazon S3 bucket (origin server) through a CloudFront distribution.
  • Last modified - Date and timestamp of when the distribution was last modified.
  • Logging - If enabled, you must define an S3 bucket and a path prefix to store access logs. With logging enabled for your distribution, gzipped access logs are stored in a 'logging' folder of your S3 bucket.
  • Status - Current status of the distribution.
    • Deployed (ready to use) or InProgress (created or updated, but not quite ready for use)
  • Enabled - A distribution can only serve content if the distribution is enabled. It takes up to 15 minutes to disable a distribution. When you disable a distribution, it will be taken offline; CloudFront will no longer accept end user requests for content from the distribution.
  • Https only - If selected, only HTTPS requests are permitted. If not selected, both HTTP and HTTPS requests are permitted.
  • Actions - Edit or Delete the CloudFront distribution.

Action Buttons

The following action buttons are available from the CloudFront Distributions page:

  • New Basic Distribution - Create a new basic CloudFront distribution for serving primarily static content over standard HTTP/HTTPS protocol.
  • New Streaming Distribution - Create a new streaming CloudFront distribution for streaming primarily on-demand media files over RMTP.


Further Reading