AWS CloudFront Best Practices
Cloud Conformity monitors Amazon CloudFront following the following rules:
Ensure that AWS Cloudfront web distributions are configured to compress objects (files) automatically.
Ensure geo restriction is enabled within CloudFront distribution.
Ensure AWS CloudFront CDN service is in use for fast and secure web content delivery.
Ensure AWS CloudFront distributions origin(s) do not use insecure SSL protocols.
Ensure your Cloudfront CDN distributions are integrated with AWS WAF.
Ensure AWS Cloudfront CDN distributions have access logging enabled.
Ensure AWS CloudFront distributions are using improved security policies for HTTPS connections.
Ensure the traffic between the AWS CloudFront distributions and their origins is encrypted.
Configure HTTP to HTTPS redirects for your CloudFront distribution viewer protocol policy.
Ensure your AWS Cloudfront distributions are using an origin access identity for their origin S3 buckets.
Ensure that AWS CloudFront distributions are using Origin Failover feature to optimize their high availability.
Ensure that Amazon CloudFront web distributions enforce field-level encryption.
Use AWS Cloudfront Content Distribution Network for secure web content delivery.