Ensure that AWS CloudFront Content Delivery Network (CDN) service is used within your AWS account to secure and accelerate the delivery of your websites, media files or static resources (e.g., CSS files, JavaScript files, images) handled by your web applications.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Using AWS CloudFront CDN service can have a significant impact on the performance, security, reliability and availability of your websites/applications content delivery process. CloudFront has several advantages over other Content Delivery Network providers: is fast – using a global network of 59 edge locations, CloudFront caches and delivers copies of your static content close to users with minimal latency, is secure - enforces HTTPS connections between the service edge locations and your origin server and can be integrated with AWS WAF (a web application firewall service made available by Amazon to protect web applications against common attacks), is highly available – engineered for HA and built on top of Amazon’s highly reliable infrastructure, easy to use - you can manage CloudFront distributions with just few clicks using the Management Console or programmatically via AWS API, cost effective - you only pay the web content delivered through the CDN network (pay-as-you-go price plan) and can be easily integrated with other AWS components such as EC2, S3 and AWS WAF.
Audit
To determine if the Cloudfront service is used as Content Delivery Network within your AWS account, perform the following:
Remediation / Resolution
In order to utilize AWS Cloudfront as a CDN service to secure and accelerate the delivery of your websites, media files or other static resources, you must create and configure Cloudfront web distributions. To create your own distribution, perform the following:
References
- AWS Documentation
- How CloudFront Delivers Content
- Overview of Web and RTMP Distributions
- Task List for Creating a Web Distribution
- Creating or Updating a Web Distribution Using the CloudFront Console
- Values that You Specify When You Create or Update a Web Distribution
- AWS Command Line Interface (CLI) Documentation
- cloudfront
- list-distributions
- create-distribution
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
for and
Get started for FREE
You are auditing:
CloudFront In Use
Risk level: Medium