Configure a CloudFront distribution to deliver application content

CloudFront is a content delivery product that can be used to increase application performance by introducing additional cached endpoints nearer to the clients. In this example we’re going to use CloudFront as a CDN for the S3 bucket we configured earlier.

To get started, we will need to log into the Amazon CloudFront console and create a distribution. The steps are fairly straightforward:

  1. Click Create Distribution.
  2. Under the web distribution option, click Get Started.
  3. Click into the Origin Domain Name field to get it to populate a list of AWS resources.
  4. Select a bucket you created earlier. If you’ve followed some of my last posts, you should have one already; otherwise pop over to the S3 console and create one.
  5. In the Origin ID field enter a (distribution-wide) unique string. Example: s3-example.com-origin
  6. Select a Viewer Protocol Policy. Note that search engines rate HTTPS endpoints higher than HTTP endpoints. If you choose HTTPS only or redirect to HTTPS, ensure that you upload appropriate certificates. (Note that the easiest method to upload a certificate is to half-create an SSL ELB, just so that you can upload the certificate.)
  7. Leave Allowed HTTP Methods as is unless you know that you need additional methods.
  8. Set your Object Caching level as appropriate. By default CloudFront will use the cache header as set by the object in S3 or the default of 24 hrs. You can also enforce a custom TTL. If you are not setting the TTL of your objects in S3, you should definitely set and enforce a custom TTL.
  9. Set Alternate Domain Names as appropriate to your use case. Likely you will have something like example.com and www.example.com.
  10. Everything else you can leave as is, unless you know what you’re doing.
  11. Click Create Distribution.

And you’re done! After the distribution is fully deployed you can go into Route53 and update your DNS with alias records pointing to the CloudFront distribution.

To do this with the AWS CLI, you first need to create a JSON file with your settings:

{
    "Comment": "example json",
    "CacheBehaviors": {
        "Quantity": 0
    },
    "Logging": {
        "Bucket": "",
        "Prefix": "",
        "Enabled": false,
        "IncludeCookies": false
    },
    "Origins": {
        "Items": [
            {
                "S3OriginConfig": {
                    "OriginAccessIdentity": ""
                },
                "Id": "S3-origin",
                "DomainName": "example.s3.amazonaws.com"
            }
        ],
        "Quantity": 1
    },
    "DefaultRootObject": "",
    "PriceClass": "PriceClass_All",
    "Enabled": true,
    "DefaultCacheBehavior": {
        "TrustedSigners": {
            "Enabled": false,
            "Quantity": 0
        },
        "TargetOriginId": "S3-origin",
        "ViewerProtocolPolicy": "allow-all",
        "ForwardedValues": {
            "Headers": {
                "Quantity": 0
            },
            "Cookies": {
                "Forward": "none"
            },
            "QueryString": false
        },
        "SmoothStreaming": false,
        "AllowedMethods": {
            "Items": [
                "GET",
                "HEAD"
            ],
            "Quantity": 2
        },
        "MinTTL": 0
    },
    "CallerReference": "example",
    "ViewerCertificate": {
        "CloudFrontDefaultCertificate": true
    },
    "CustomErrorResponses": {
        "Quantity": 0
    },
    "Restrictions": {
        "GeoRestriction": {
            "RestrictionType": "none",
            "Quantity": 0
        }
    },
    "Aliases": {
        "Quantity": 0
    }
}

You then need to pass this JSON file to the command line client:

aws cloudfront create-distribution --distribution-config "$(< config.json)"
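
The JSON above serves plain HTTP (`allow-all`), has logging disabled and sets no origin access identity. As an added example (not part of the original post), the following Python check reviews those fields before you run `create-distribution`; the function name `audit_distribution_config` and the embedded sample are constructed for illustration.

```python
import json

# Constructed sample: the security-relevant fields of the config.json shown above.
SAMPLE_CONFIG = json.loads("""{
  "Logging": {"Bucket": "", "Prefix": "", "Enabled": false, "IncludeCookies": false},
  "Origins": {"Quantity": 1, "Items": [
    {"Id": "S3-origin", "DomainName": "example.s3.amazonaws.com",
     "S3OriginConfig": {"OriginAccessIdentity": ""}}]},
  "DefaultCacheBehavior": {"TargetOriginId": "S3-origin",
                           "ViewerProtocolPolicy": "allow-all"},
  "CacheBehaviors": {"Quantity": 0},
  "Aliases": {"Quantity": 0},
  "ViewerCertificate": {"CloudFrontDefaultCertificate": true}
}""")


def audit_distribution_config(cfg):
    """Return (field path, finding) pairs for settings worth reviewing (hypothetical helper)."""
    findings = []
    # Each cache behavior carries its own viewer policy: check the default and any extras.
    behaviors = [("DefaultCacheBehavior", cfg.get("DefaultCacheBehavior") or {})]
    for i, b in enumerate((cfg.get("CacheBehaviors") or {}).get("Items") or []):
        behaviors.append((f"CacheBehaviors.Items[{i}]", b))
    for path, b in behaviors:
        if b.get("ViewerProtocolPolicy") == "allow-all":
            findings.append((f"{path}.ViewerProtocolPolicy",
                             "plain HTTP is served; use redirect-to-https or https-only"))
    if not (cfg.get("Logging") or {}).get("Enabled"):
        findings.append(("Logging.Enabled", "access logging is off"))
    for origin in (cfg.get("Origins") or {}).get("Items") or []:
        s3 = origin.get("S3OriginConfig")
        # An empty or null identity means CloudFront reads the bucket anonymously.
        if s3 is not None and not s3.get("OriginAccessIdentity"):
            findings.append((f"Origins[{origin.get('Id')}].S3OriginConfig.OriginAccessIdentity",
                             "no origin access identity; objects must be publicly readable"))
    # The default certificate only covers *.cloudfront.net, not your own aliases.
    has_aliases = (cfg.get("Aliases") or {}).get("Quantity", 0) > 0
    if has_aliases and (cfg.get("ViewerCertificate") or {}).get("CloudFrontDefaultCertificate"):
        findings.append(("ViewerCertificate",
                         "aliases are set but only the default certificate is configured"))
    return findings


if __name__ == "__main__":
    for path, finding in audit_distribution_config(SAMPLE_CONFIG):
        print(f"{path}: {finding}")
```

To check your own file, load it with `json.load(open("config.json"))` and pass the result to the function.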