This is the second part of the series covering Amazon CloudFront. In this part we will get back to the process of creation of a CloudFront distribution and discuss the options that we have there.

VMware Training – Resources (Intense)

So let’s start with “Origin Settings”:

  • “Origin Domain Name” – the DNS name of the origin server
  • “Origin Path” – you can specify the directory within the Amazon S3 bucket to be used as root folder when the requests are made
  • “Origin ID” – this is a string that allows you to differentiate this origins from the origins from the same distribution. If you don’t specify a value, one is being created for you based on the origin domain name
  • Restrict Bucket Access – If the option is “Yes” then the objects from the S3 bucket will be accessed only by using the CloudFront URL and not using the S3 URL. If the option is “No”, then you can access the objects from the bucket by using both methods. As you can see below, I can access the index.html by referencing the S3 URL:

Let’s move further on “Default Cache Behavior Settings.” Actually this section is seen in this form only when you create the distribution. A cache behavior will allow you to configure different settings for different types of files. The default cache behavior for a new distribution is forwarding all the requests to the origin. Once the distribution was created, additional cache behaviors can be added.

– “Path Pattern” – specifies to which requests this cache behavior should be applied. As mentioned, you cannot modify the value if you are in the process of creating the distribution. For instance, after the distribution was created, I created another cache behavior that is applied only to files with the extension .jpg:

– “Viewer Protocol Policy” – this defines that protocol that you want users to use to access the content.

– “Allowed HTTP Methods” – this defines what HTTP methods can be processed by CloudFront and forwarded to the origin.

– “Cached HTTP Methods” – specifies whose HTTP’s methods the response should be cached.

– “Object Caching” – defines how long the objects should be stored in cache. If the origin server is adding a “Cache-Control” header to control how long the objects will stay in the cache, the choose “Use Origin Cache Headers”. If you want to override, you can choose “Customize” and specify the value of “TTL” that you want to keep the object in the cache. The value is in seconds.

– “Forward Cookies” – This is not applicable to S3 buckets based origins. This defines if the cookies should be forwarded to the origin.

– “Forward Query Strings” – This defines if the origin server can return different versions of the objects based on a query string from the URL.

– “Smooth Streaming” – This allows you to distribute media files in the Microsoft Smooth Streaming format.

– “Restricted Viewer Access” – This defines if the objects matched by the cache behaviour can be requested using public URLs or signed URLs.

Let’s move on to the next section, “Distribution Settings”:

– “Price Class” – Defines from which edge locations the content will be delivered to the users and implicitly the price that you will pay. Obviously the best performance comes with the highest price.

– “Alternate Domain Names(CNAMEs)” – you can specify a domain name of your choice to be used to retrieve the content instead of the URL provided by CloudFront. For instance, I used this CNAME. You will need to make the proper changes in your DNS:

And I can access the files using this link: www.vtep.net/index.html

– “SSL Certificate” – This defines the HTTPS access certificates

– “Default Root Object” – This defines the object that is accessed when the root URL is requested. For instance, if index.html would be used, then both these two links will show the same thing: http://dtj4m7p93mot1.cloudfront.net/index.html and http://dtj4m7p93mot1.cloudfront.net

– “Logging” – This configured logging for each request and the logs are kept in a S3 bucket.

– “Bucket for Logs”, “Log Prefix” and “Cookie Logging” are related to the logging option.

– “Comment” – You can use this field to add additional information.

– “Distribution State” – This defines if the distribution should be enabled or disabled after it’s being deployed.

And these are the options that you can modify during distribution creation.

There are a few other options that you can change after the distribution was created.

This is how you can access the distribution settings. Select the distribution and click on “Distribution Settings”:

This will take you to a multi-tab page from where you can change the settings that you saw during distribution creation and others:

Other interesting settings are found in the “Restrictions” tab. Here you can deny access from specific countries (blacklist) or you can allow access from specific countries (whitelist):

Now, let’s discuss a little bit about some of the options.

The first one will be “Object Caching.” As said previously you can modify the default 24 hour intervals that an object can stay in the cache before CloudFront forwards another request to the origin server. There are two sides of the story. Let’s say that the object version is changed on a weekly basis. If you lower the TTL, then the only thing that you will do will be to keep sending the requests to the origin although the version has not changed. You are charged based on the requests made. However, if the object version changes 10 times a day, if you keep the default TTL, then the user that will be served from the same edge location where the file is already in cache might not get the latest version of the object.

Choose the right TTL value based on the version change of the objects.

The second one is “Price Class”. As said, this defines from what edge locations the user can be served. If you are choosing to serve the user only from the U.S. and Europe and the user is from Asia, then the latency for this user will be higher than if he would be in the U.S. or Europe. But you will pay less.

Choose the right price class based on the location of your users.

And we reached the end of the second part of the CloudFront series.

By reaching this point of the article, you should be now familiar with the settings of a Web distribution and how you can change them to achieve the best content delivery for users.

Reference