Internet users are always impressed with websites’ high speed & loading capacities. Why not have a website that loads the content quickly and delivers fast with AWS Cloudfront?
In this tutorial, you learn What AWS CloudFront is and how to set up Amazon CloudFront with AWS S3 and ALB Distributions which enables users to retrieve content quickly by utilizing the concept of caching.
Let’s get started.
Table of Content
- What is AWS Cloudfront?
- How AWS Cloudfront delivers content to your users
- Amazon Cloudfront caching with regional edge caches
- Creating an IAM user in AWS account with programmatic access
- Configuring the IAM user Credentials on local Machine
- How to Set up AWS CloudFront
- How to Use Custom URLs in AWS CloudFront by Adding alternate Domain Names (CNAMEs)
- Using Amazon EC2 as the Origins in the AWS CloudFront
What is AWS Cloudfront?
AWS Cloudfront is an Amazon web service that speeds up the distribution of static and dynamic content such as .html, .css, .js, images, live streaming of video to users. Cloudfront delivers the content quickly using edge locations when the request is requested by users.
If the content is not available in edge locations, Cloudfront requests from the origin configured such as AWS S3 bucket, HTTP server or Load Balancer, etc. Also, the use of Lambda at edge location with CloudFront adds more ways to customize CloudFront.
How AWS Cloudfront delivers content to your users
Now that you have a basic idea of CloudFront knowing how AWS Cloudfront delivers content to users is also important.
Initially, when users request a website or application such as example.com/mypage.html, the DNS server routes the request to AWS Cloudfront edge locations.
Next CloudFront checks if the request can be fulfilled with edge location; else, CloudFront queries to the origin server. The Origin server sends the files back to the edge location, and further Cloudfront sends them back to the user.
Amazon Cloudfront caching with regional edge caches
Delivering the content from the edge location is fine. Still, if you to further improve the performance and latency of content, there is a further caching mechanism based on region, known as regional edge cache.
Regional edge caches help with all types of content, particularly content that becomes less popular over time, such as user-generated content, videos, photos, e-commerce assets such as product photos and videos, etc.
Regional edge cache sits in between the origin server and edge locations. The Edge location stores the content and cache, but when the content is too old it removes it from its cache and forwards it to the regional cache, which has wide coverage to store lots of content.
- You must have AWS account in order to setup AWS CloudFront. If you don’t have AWS account, please create a account from here AWS account.
- AWS S3 bucket created.
Creating an IAM user in AWS account with programmatic access
To connect to AWS Service, you should have an IAM user with an Access key ID and secret keys in the AWS account that you will configure on your local machine to connect to AWS account from your local machine.
There are two ways to connect to an AWS account, the first is providing a username and password on the AWS login page on the browser, and the other way is to configure Access key ID and secret keys on your machine and then use command-line tools to connect programmatically.
- Open your favorite web browser and navigate to the AWS Management Console and log in.
- While in the Console, click on the search bar at the top, search for ‘IAM’, and click on the IAM menu item.
- To Create a user click on Users→ Add user and provide the name of the user myuser and make sure to tick the Programmatic access checkbox in Access type which enables an access key ID and secret access key and then hit the Permissions button.
- Now select the “Attach existing policies directly” option in the set permissions and look for the “Administrator” policy using filter policies in the search box. This policy will allow myuser to have full access to AWS services.
- Finally click on Create user.
- Now, the user is created successfully and you will see an option to download a .csv file. Download this file which contains IAM users i.e. myuser Access key ID and Secret access key which you will use later in the tutorial to connect to AWS service from your local machine.
Configuring the IAM user Credentials on local Machine
Now, you have an IAM user myuser created. The next step is to set the download myuser credentials on the local machine, which you will use to connect AWS service via API calls.
- Create a new file, C:\Users\your_profile\.aws\credentials on your local machine.
- Next, Enter the Access key ID and Secret access key from the downloaded csv file into the credentials file in the same format and save the file.
[default] # Profile Name aws_access_key_id = AKIAXXXXXXXXXXXXXXXX aws_secret_access_key = vIaGXXXXXXXXXXXXXXXXXXXX
credentials files help you to set your profile. By this way, it helps you to create multiple profiles and avoid confusion while connecting to specific AWS accounts.
- Similarly, create another file C:\Users\your_profile\.aws\config in the same directory
- Next, add the “region” into the config file and make sure to add the name of the profile which you provided in the credentials file, and save the file. This file allows you to work with a specific region.
[default] # Profile Name region = us-east-2
How to Set up AWS CloudFront
Now that you know what AWS Cloudfront is, you have an IAM user that will allow you to set up the AWS Cloudfront in the AWS cloud. Let’s set up AWS Cloudfront.
- Open your favorite web browser and navigate to the AWS Management Console and log in.
- While in the Console, click on the search bar at the top, search for ‘CloudFront’, and click on the CloudFront menu item.
- Click on Create distributions and then Get Started
- Now in the Origin settings provide the AWS S3 bucket name and keep other values as default.
- For the settings under Default Cache Behavior Set and Distribution Settings, accept the default values and then click on Create distribution.
- Now upload a index.html with a text hello in the AWS S3 bucket and set the permission as public access as shown below.
- Now check the Amazon S3 URL to verify that your content is publicly accessible
- Finally check the CloudFront URL by hitting domain-name/index.html and it should show the same result as your index.html file contains.
How to Use Custom URLs in AWS CloudFront by Adding alternate Domain Names (CNAMEs)
Previously the CloudFront URL was generated with a domain name *.cloudfront.net by default, but If in production, it is important to configure your own domain name that is CNAME, such as abc.com, in the URL. Let’s learn how to use Custom URLs in AWS CloudFront by adding alternate Domain Names (CNAMEs).
Earlier, the default URL of AWS Cloudfront was http://dsx78lsseoju7.cloudfront.net/index.html, but if you wish to use an alternate domain such as http://abc.com/index.html, follows the step below:
- Navigate back to CloudFront Page and look for the distribution where you need to change the domain and click on Edit
- Here, provide the domain name that you wish to configure with valid SSL certificate.
- Now the domain name is succesfully update in Cloudfront but for the URL to work you will need to configure few things in Route53 AWS service such as alias record set. To do that, navigate to the Route53 page by searching on the top of the AWS Page.
- Click on the Hosted Zone and then click on Create Record
- Now provide the name of record, record type and route traffic as CloudFront distribution. After you configure Route53 verify the index page ( http://mydomain.abc.com/index.html ) and it should work fine.
Using Amazon EC2 as the Origins in the AWS CloudFront
A custom Origin can be an Amazon Elastic Compute Cloud (AWS EC2), for example, an http server. You need to provide the DNS name of the AWS EC2 instance as the custom origin, but while setting the custom origin as AWS EC2, make sure to follow some basic guidelines.
- Host the same content and synchronize the clocks on all servers in the same way.
- Restrict access requests to the HTTP and HTTPS ports that your custom origin listens on that is AWS EC2.
- Use an Elastic Load Balancing load balancer to handle traffic across multiple Amazon EC2 instances and when you create your CloudFront distribution, specify the URL of the load balancer for the domain name of your origin server.
This tutorial taught you what CloudFront is and how to set up CloudFront Distributions in the Amazon cloud. The benefit of using CloudFront is it allows users to retrieve their content quickly by utilizing the concept of caching.
So next, what are you going to manage with CloudFront?
2 thoughts on “What is AWS CloudFront and how to Setup Amazon CloudFront with AWS S3 and ALB Distributions”
Pingback: What is AWS WAF (Web Application Firewall) and how to Setup WAF in AWS account.
After reading even me the topic became interesting.
e. Actual information cvv shop here.