1. Create CloudFront distribution

Create distribution

Go to AWS console - CloudFront - Distributions - Create distribution.

Select origin

Select an origin domain that I will use as a source.

Use OAC(origin access control) for access control and create a new OAC for this distribution. Then select it.

Origin can be S3, ELB or other endpoint.

OAC(Origin access control)

OAC decides who can access the origin(e.g. bucket). Later in bucket setting, bucket will allow this OAC.

OAI(Identity) was used before, and OAC is enhanced version of it. OAC lives inside CloudFront. It's not like IAM for using at all services.

I can check details of the origin access in CloudFront - Security - Origin access.

Cache behavior

I almost used default options.

Compress objects automatically option is yes by default. The info says that the request need to have an accept-encoding header to use compression.

Selected viewer protocol policy at HTTPS only because the client will always be HTTPS, I think.

CachingOptimized is default and recommended for S3. I can configure detailed caching policy by creating one, but not now.

Cache policy

Check cache policy key settings.

The cache key, Headers: None, Cookies: None, Query strings: None behavior e.g. first request: example.com/img/1?key=value following request: example.com/img/1?key=value2 The following request will get the cached image because query string is not included in a cache key.

Supported compressions are gzip and brotli.

Other settings

WAF: Do not enable
Price class: Use North America, Europe, Asia, Middle East, and Africa

Merely because of cost.

Creation

Click create distribution button. This takes some minutes.

PreviousUse CloudFront for serving S3 files Next2. Update S3 policy for CloudFront

Last updated 1 year ago

hashtagCreate distribution

hashtagSelect origin

hashtagCache behavior

hashtagCache policy

hashtagOther settings

hashtagCreation