Open menu
-->

Configure AWS Cloudfront to Compress Objects Automatically

Cloud Conformity allows you to automate the auditing process of this resolution page. Register for a 14 day evaluation and check your compliance level for free!

Start a Free Trial Product features
Performance
efficiency
Cost
optimisation

Risk level: Low (generally tolerable level of risk)

Ensure that your Amazon Cloudfront Content Delivery Network (CDN) distributions are configured to automatically compress content for web requests that include "Accept-Encoding: gzip" in the request header, in order to increase your web applications performance and reduce bandwidth costs. AWS Cloudfront compresses files of certain types for both Amazon S3 origins and custom origins.

To optimise your AWS cloud costs and speed up your web applications, configure your Cloudfront distributions to compress the web content served. With compression enabled, the download process is faster because the files are smaller. For example, for CSS and Javascript files, faster downloads translates into faster rendering of web pages for your users. Also, because the cost of Cloudfront data transfer is based on the total amount of data served, sending compressed files to the viewers is much less expensive than sending uncompressed files.

Audit

To determine if your existing AWS Cloudfront distributions are configured to compress web content automatically, perform the following actions:

Using AWS Console

01 Sign in to the AWS Management Console.

02 Navigate to Cloudfront dashboard at https://console.aws.amazon.com/cloudfront/.

03 In the left navigation panel, click Distributions to access the existing distributions.

04 On Cloudfront Distribution page, under the main menu, select Web and Enabled from Viewing dropdown lists to return all active web distributions available in your AWS account.

05 Select the web distribution that you want to examine.

06 Click the Distribution Settings button from the dashboard top menu to access the resource configuration page.

07 Choose the Behaviors tab and select the default behavior for the distribution.

08 Click the Edit button to access the configuration settings for the selected distribution behavior.

09 On the Edit Behavior page, check Compress Objects Automatically configuration setting. If Compress Objects Automatically is set to No, the selected Amazon Cloudfront web distribution is not configured to compress objects (files) automatically.

10 Repeat steps no. 5 – 9 to verify the object compression configuration for other Cloudfront CDN distributions available in your AWS account.

Using AWS CLI

01 Run list-distributions command (OSX/Linux/UNIX) using custom query filters to list the IDs of all Cloudfront web distributions provisioned in your AWS account:

aws cloudfront list-distributions
    --output table
    --query 'DistributionList.Items[*].Id'

02 The command output should return a table with the requested IDs:

--------------------
|ListDistributions |
+------------------+
|  AAAABBBBCCCCDD  |
|  ABCD1234ABCD12  |
|  AA11BB22CC33DD  |
+------------------+

03 Run get-distribution command (OSX/Linux/UNIX) using the ID of the web distribution that you want to examine as identifier and custom query filters to describe the object compression configuration setting for the selected Cloudfront CDN distribution:

aws cloudfront get-distribution
    --id AAAABBBBCCCCDD
    --query "Distribution.DistributionConfig.DefaultCacheBehavior.Compress" 

04 The command output should return the requested setting status. If the current distribution is configured to compress objects, the value returned should be true, otherwise it should be false:

false

If the get-distribution command output returns false, as shown in the example above, the selected Amazon Cloudfront web distribution is not currently configured to compress files (objects) automatically.

05 Repeat step no. 3 and 4 to check the object compression configuration for other Cloudfront CDN distributions available within your AWS account.

Remediation / Resolution

To configure your existing AWS Cloudfront CDN distributions to automatically compress your web content (CSS, JS, HTML, etc), perform the following actions:

Using AWS Console

01 Sign in to the AWS Management Console.

02 Navigate to Cloudfront dashboard at https://console.aws.amazon.com/cloudfront/.

03 In the left navigation panel, click Distributions.

04 On Cloudfront Distribution page, under the main menu, select Web and Enabled from Viewing dropdown menus to list all active web distributions available in your AWS account.

05 Select the web distribution that you want to reconfigure (see Audit section part I to identify the right CDN distribution).

06 Click the Distribution Settings button from the dashboard top menu to access the resource configuration page.

07 Choose the Behaviors tab and select the distribution default behavior.

08 Click the Edit button to access the configuration settings for the selected behavior.

09 On the Edit Behavior page, under Default Cache Behavior Settings, select Yes next to Compress Objects Automatically configuration setting to enable compression, then click Yes, Edit to apply the configuration changes.

10 Repeat steps no. 5 – 9 to enable the object compression feature for other Amazon Cloudfront web distributions provisioned in your AWS account.

Using AWS CLI

01 Run get-distribution-config command (OSX/Linux/UNIX) to extract the configuration information from the AWS Cloudfront web distribution that you want to reconfigure (see Audit section part II to identify the right resource):

aws cloudfront get-distribution-config 
    --id AAAABBBBCCCCDD

02 The command output should return the configuration information for the selected distribution:

{
    "Distribution": {
        "Status": "Deployed",
        "DomainName": "abc1234abc1234.cloudfront.net",
        "InProgressInvalidationBatches": 0,
        "DistributionConfig": {
            "IsIPV6Enabled": true,
 
            ...
 
            "Aliases": {
                "Quantity": 0
            }
        },
        "ActiveTrustedSigners": {
            "Enabled": false,
            "Quantity": 0
        }
    },
    "ETag": "ABCDABCDABCDAB"
}

03 Modify the configuration document returned at the previous step to enable object compression by setting the Distribution.DistributionConfig.DefaultCacheBehavior.Compress configuration attribute value to true (as shown in the example below), then save the new configuration in a JSON document named "enable-compression.json". Replace <domain_name>, <distribution_id> and other custom configuration details with your own details:

{
    "Distribution": {
        "Status": "Deployed",
        "DomainName": "abc1234abc1234.cloudfront.net",
        "InProgressInvalidationBatches": 0,
        "DistributionConfig": {
            "Comment": "",
            "CacheBehaviors": {
                "Quantity": 0
            },
            "IsIPV6Enabled": true,
            "Logging": {
                "Bucket": "",
                "Prefix": "",
                "Enabled": false,
                "IncludeCookies": false
            },
            "WebACLId": "",
            "Origins": {
                "Items": [
                    {
                        "S3OriginConfig": {
                            "OriginAccessIdentity": ""
                        },
                        "OriginPath": "",
                        "CustomHeaders": {
                            "Quantity": 0
                        },
                        "Id": "<distribution_id>",
                        "DomainName": "<domain_name>"
                    }
                ],
                "Quantity": 1
            },
            "DefaultRootObject": "",
            "PriceClass": "PriceClass_All",
            "Enabled": true,
            "DefaultCacheBehavior": {
                "TrustedSigners": {
                    "Enabled": false,
                    "Quantity": 0
                },
                "LambdaFunctionAssociations": {
                    "Quantity": 0
                },
                "TargetOriginId": "<distribution_id>",
                "ViewerProtocolPolicy": "allow-all",
                "ForwardedValues": {
                    "Headers": {
                        "Quantity": 0
                    },
                    "Cookies": {
                        "Forward": "none"
                    },
                    "QueryStringCacheKeys": {
                        "Quantity": 0
                    },
                    "QueryString": false
                },
                "MaxTTL": 31536000,
                "SmoothStreaming": false,
                "DefaultTTL": 86400,
                "AllowedMethods": {
                    "Items": [
                        "HEAD",
                        "GET"
                    ],
                    "CachedMethods": {
                        "Items": [
                            "HEAD",
                            "GET"
                        ],
                        "Quantity": 2
                    },
                    "Quantity": 2
                },
                "MinTTL": 0,
                "Compress": true
            },
            "CallerReference": "1234567890123",
            "ViewerCertificate": {
                "CloudfrontDefaultCertificate": true,
                "MinimumProtocolVersion": "TLSv1",
                "CertificateSource": "cloudfront"
            },
            "CustomErrorResponses": {
                "Quantity": 0
            },
            "HttpVersion": "http2",
            "Restrictions": {
                "GeoRestriction": {
                    "RestrictionType": "none",
                    "Quantity": 0
                }
            },
            "Aliases": {
                "Quantity": 0
            }
        },
        "ActiveTrustedSigners": {
            "Enabled": false,
            "Quantity": 0
        },
        "LastModifiedTime": "2018-07-27T16:58:05.946Z",
        "Id": "12345678901234",
        "ARN": "arn:aws:cloudfront::123456789012:distribution/12345678901234"
    },
    "ETag": "ABCDABCDABCDAB"
}

04 Run update-distribution command (OSX/Linux/UNIX) to update the configuration for the selected Amazon Cloudfront CDN distribution (see Audit section part II to identify the right distribution) in order to enable object compression. The following command example updates a web distribution identified by the ID "AAAABBBBCCCCDD" using a JSON configuration document named "enable-compression.json":

aws cloudfront update-distribution
    --id AAAABBBBCCCCDD
    --distribution-config file://enable-compression.json
    --if-match ABCDABCDABCDAB

05 The command output should return the configuration metadata for the modified Amazon Cloudfront web distribution:

{
    "Distribution": {
        "Status": "Deployed",
        "DomainName": "abc1234abc1234.cloudfront.net",
        "InProgressInvalidationBatches": 0,
        "DistributionConfig": {
 
            ... 
 
            "DefaultCacheBehavior": {
 
                ...
              
                "Compress": true
            },
            "CallerReference": "1234567890123",
            
            ...
 
        "ActiveTrustedSigners": {
            "Enabled": false,
            "Quantity": 0
        },
        "Id": "12345678901234",
        "ARN": "arn:aws:cloudfront::123456789012:distribution/12345678901234"
    },
    "ETag": "ABCDABCDABCDAB"
} 

06 Repeat steps no. 1 – 5 to enable the object compression feature for other Cloudfront CDN web distributions available in your AWS account.

References

Publication date Aug 28, 2018