Creating a CloudFront CDN
Step 1: Create a bucket and upload content to it.
- Sign in to the AWS Management Console.
- Click on the S3 service in the AWS Management Console.
- Click on the “Create bucket” button.
- In the create dialog box, enter the bucket name.
I have provided “jtpbucket” as a bucket name.
- Choose a region for your bucket. By default, the Amazon S3 bucket stores objects in the US East (Ohio) region.
- Click on the Create button.
- Select your bucket and then click on the Upload button.
- Click on Add files and select the file from your device that you want to upload.
- Enable public access to the object that has been uploaded successfully.
- After uploading a file, you can navigate to the object by using the URL given below:
https://s3.us-east-2.amazonaws.com/jtpbucket/jtp.jpg
Step 2: Create a CloudFront Distribution
- Open the CloudFront Console by using the link https://console.aws.amazon.com/cloudfront/.
- Click on the Create Distribution button.
- Select the delivery method for your content: under Web Distribution, click on the Get Started button.
Origin Settings
Where,
Origin Domain Name: It defines where the content originates. The origin domain name is jtpbucket.s3.amazonaws.com, in which jtpbucket is the bucket that we created in S3.
Origin Path: There can be multiple origins in a distribution. The origin path is a folder in the S3 bucket. You can add folders to the S3 bucket and put one in the Origin Path, which means that the content is served from that folder rather than from the bucket itself. I leave the Origin Path at its default value.
Origin ID: It is the name of the origin. In our case, the name of the origin is S3-jtpbucket.
Restrict Bucket Access: If you don’t want the bucket to be publicly accessible through the S3 URL and you want all requests to go through CloudFront, enable the Restrict Bucket Access option.
Origin Access Identity: We do not have an existing identity, so we click on Create a New Identity.
Grant Read Permissions on Bucket: You can either update the bucket permissions manually or have them updated automatically. We click on Yes, Update Bucket Policy.
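To confirm what Restrict Bucket Access and Yes, Update Bucket Policy achieved, the bucket policy can be checked for who is allowed to read objects. The following is an added example, not part of the original tutorial: it classifies a policy document as public, limited to CloudFront origin access identities, or other. The sample policies and the identity ID EXAMPLEOAIID are constructed placeholders.

```python
import json
from fnmatch import fnmatchcase

# Principal prefix CloudFront uses for an origin access identity (OAI).
OAI_PREFIX = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity "

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _principals(stmt):
    """Flatten a statement's Principal element into a list of strings."""
    principal = stmt.get("Principal", {})
    if isinstance(principal, str):          # "Principal": "*"
        return [principal]
    return [p for vals in principal.values() for p in _as_list(vals)]

def _allows_get_object(stmt):
    # Action names are case-insensitive and may contain wildcards (s3:Get*).
    return any(fnmatchcase("s3:getobject", a.lower())
               for a in _as_list(stmt.get("Action", [])))

def audit_bucket_policy(policy_json):
    """Return 'public', 'oai-only' or 'other' for who may read objects.

    Conditions are ignored, so a "*" principal always counts as public.
    Object ACLs are evaluated by S3 separately and are not inspected here.
    """
    readers = []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") == "Allow" and _allows_get_object(stmt):
            readers.extend(_principals(stmt))
    if "*" in readers:
        return "public"
    if readers and all(r.startswith(OAI_PREFIX) for r in readers):
        return "oai-only"
    return "other"

def sample_policy(principal):
    # Constructed sample policy using the tutorial's bucket name.
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Principal": principal,
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::jtpbucket/*"}]})

# EXAMPLEOAIID is a placeholder, not a real identity.
PUBLIC_POLICY = sample_policy("*")
OAI_POLICY = sample_policy({"AWS": OAI_PREFIX + "EXAMPLEOAIID"})

if __name__ == "__main__":
    print(audit_bucket_policy(PUBLIC_POLICY), audit_bucket_policy(OAI_POLICY))
```

A result of oai-only covers the bucket policy alone; an object made public through its ACL, as in Step 1, stays readable through the S3 URL until that public access is removed.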
Cache Behavior Settings
Path Pattern: It uses regular expressions. We can have many origins. Suppose one user wants to access a PDF file from the origin and another user wants to access a JPEG file from the S3 bucket; in that case we use the path pattern.
Viewer Protocol Policy: Viewers can access the CloudFront Distribution in three ways: HTTP and HTTPS, Redirect HTTP to HTTPS, and HTTPS only. I click on Redirect HTTP to HTTPS.
Allowed HTTP Methods: You can use the following methods:
- GET, HEAD
- GET, HEAD, OPTIONS
- GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE: this option gives users access to upload files through the CloudFront Distribution, and the edge location will update your origin.
Restrict Viewer Access: You can also restrict viewer access. For example, if you are providing training to your employees through video and want to restrict access to authenticated employees, you can do so by selecting Yes for the Restrict Viewer Access option.
Distribution Settings
Price Class: You can choose the price class that corresponds to the maximum price that you want to pay for the CloudFront service.
Alternate Domain Name: When we create a CloudFront distribution, its domain name is unfriendly because it is a collection of random numbers and letters. To make it friendly, we add an alternate domain name such as cdn.acloud.guru; this human-readable domain name is then applied to the distribution.
SSL Certificate: If the user accesses the content with the CloudFront domain name, the default CloudFront certificate can be used. If the user accesses the content with the alternate domain name, a Custom SSL certificate needs to be used.
Default Root Object: The object that CloudFront requests from your origin server when the user requests the root URL of your distribution.
Logging: If you select ON, CloudFront logs information about each request for an object and stores the log files in an Amazon S3 bucket.
Log Prefix: It is the directory within the bucket.
Cookie Logging: You can turn cookie logging either ON or OFF. In this example, we are using Amazon S3 as the origin of our objects, so we do not have to turn ON cookie logging.
Distribution State: You can either enable or disable the Distribution state. When the Distribution is enabled, CloudFront processes the viewer requests associated with this Distribution. When the Distribution is disabled, CloudFront does not accept any requests for the content associated with this Distribution.
- Click on the Create Distribution button.
Step 3: Test your Links
- After the Distribution has been created, we get the domain name of the CloudFront Distribution and we also know the object name that we have placed in the S3 bucket. Now, the link can be created as given below:
“http://domain name/object name”