Open menu
-->

AWS CloudFront Best Practices

AWS CloudFront is a global content delivery network (CDN) service that increases the speed of delivery of your websites and content.



AWS CloudFront is a global content delivery network (CDN) service that increases the speed of delivery of your websites and content.

Cloud Conformity checks AWS CloudFront service according to the following rules:

AWS CloudFront CDN In Use
Ensure AWS CloudFront CDN service is in use for fast and secure web content delivery.

AWS CloudFront – WAF Integration
Ensure your Cloudfront CDN distributions are integrated with AWS WAF.

Enable Access Logging for AWS CloudFront Distributions
Ensure AWS Cloudfront CDN distributions have access logging enabled.

Configure CloudFront Viewer Protocol Policy to Enforce Encryption
Configure HTTP to HTTPS redirects for your CloudFront distribution viewer protocol policy.

Enable Origin Access Identity for CloudFront Distributions with S3 Origin
Ensure your AWS Cloudfront distributions are using an origin access identity for their origin S3 buckets.

Enable AWS CloudFront Geo Restriction
Ensure geo restriction is enabled within CloudFront distribution.

Configure AWS Cloudfront to Compress Objects Automatically
Ensure that AWS Cloudfront web distributions are configured to compress objects (files) automatically.

AWS CloudFront Origin Insecure SSL Protocols
Ensure AWS CloudFront distributions origin(s) do not use insecure SSL protocols.

AWS CloudFront Security Policy
Ensure AWS CloudFront distributions are using improved security policies for HTTPS connections.

Unencrypted AWS CloudFront Traffic
Ensure the traffic between the AWS CloudFront distributions and their origins is encrypted.

Use Cloudfront Content Distribution Network
Use AWS Cloudfront Content Distribution Network for secure web content delivery.