0Pricing
AWS Solutions Architect · Lesson

CloudFront Distributions and Origins

Create a CloudFront distribution, configure S3 and custom HTTP origins, and understand Origin Access Control for S3 security.

What Is Amazon CloudFront?

Amazon CloudFront is AWS's global Content Delivery Network (CDN) that caches and delivers content from edge locations distributed across 400+ cities in 90+ countries. When a user requests content, CloudFront serves it from the nearest edge location, dramatically reducing latency compared to fetching it from the origin server.

CloudFront is not just for static files—it also accelerates dynamic content, APIs, and video streaming. It integrates with other AWS services like S3, ALB, Lambda@Edge, WAF, and Shield, making it the standard distribution layer for modern AWS architectures.

CloudFront Distributions

A CloudFront distribution is the primary configuration unit. It defines: one or more origins (where content lives), cache behaviours (how different URL paths are cached), security settings, and pricing tiers. You access your content through the distribution's domain name (e.g., d1234abcdef.cloudfront.net) or a custom domain (e.g., cdn.example.com) using a CNAME or ALIAS record.

After creation, distributions take 10–15 minutes to deploy globally across all edge locations. Changes to an existing distribution also take several minutes to propagate. There are two distribution types historically, but today all distributions use the unified configuration interface.

# Create a CloudFront distribution backed by S3
aws cloudfront create-distribution \
  --distribution-config '{
    "Origins": {
      "Quantity": 1,
      "Items": [{
        "Id": "S3Origin",
        "DomainName": "my-bucket.s3.amazonaws.com",
        "S3OriginConfig": {"OriginAccessIdentity": ""}
      }]
    },
    "DefaultCacheBehavior": {
      "TargetOriginId": "S3Origin",
      "ViewerProtocolPolicy": "redirect-to-https",
      "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6"
    },
    "Enabled": true,
    "Comment": "My S3 distribution",
    "CallerReference": "2026-06-20-unique"
  }'

All lessons in this course

  1. CloudFront Distributions and Origins
  2. Cache Behaviors and TTL Settings
  3. Signed URLs, Signed Cookies, and Geo-Restriction
  4. CloudFront with WAF and Lambda@Edge
← Back to AWS Solutions Architect