Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.
We can create two policies: Cache & Origin Request Policy for CloudFront.
Cache Policies allow you to control how CloudFront caches content. Origin Request Policies allow you to control the types of data that are included in the request to the origin on a cache miss. Policies are created and configured in the CloudFront console using a new set of screens.
- Login to aws portal.
- Click on Services.
- Under Networking & Content Delivery select CloudFront.
- Click on Policies.
- First Click on Create Cache Policy.
- Provide Cache policy name.
- Provide the value in TTL settings.
- Set minimum & maximum TTL.The minimum & maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront forwards another request to the origin to see if the object has been updated.
- Set Default TTL value.The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects.
- Select Cache key content headers: None or Whitelist.Specify the headers that you want CloudFront to base caching on. All the headers are forwarded to origin.
- Select Cookies :None ,Whitelist or all-except.
- All user cookies in the request URLs that it forwards to your origin (All), only selected cookies (Whitelist), or no cookies (None). If you select Whitelist, add the names of the cookies to the Whitelist Cookies field.
- Select Query String :None, whitelist or all-except.
- If you want CloudFront to forward to the origin (all or none) and which parameters you want CloudFront to base caching on (a whitelist of parameters or all).
- Click on Create Cache policy.
- After sometime Cache policy created successfully.
Origin Request Policy
The Origin request header indicates where a request originates from. It doesn’t include any path information. It is similar to the Referer header, but, unlike that header, it doesn’t disclose the whole path.21-Mar-2021
You can use an origin request policy to control the values (URL query strings, HTTP headers, and cookies) that are included in requests that CloudFront sends to your origin. You can create an origin request policy in the CloudFront console, with the AWS Command Line Interface (AWS CLI), or with the CloudFront API.
- Click on Create Origin request policy.
- Provide origin request policy name.
- Provide Origin request contents : Headers ,Cookies & Query String.
- Select headers: None, whitelist, All viewer header or all viewer header & whitelist.Select one header to add to origin requests.
- Select Cookies :None ,all or Whitelist.To forward the all or only specified cookies present in the request.
- Select Query String :None ,all or whitelist.To forward all or specified parameters present in the request URL.
- Click on Create Origin Request policy.
- Origin request policy created successfully.
Create Cache & Origin Request policy for CloudFront using Shell
- Setup aws-cli on your system so click on link https://www.hackerxone.com/blog/how-install-configure-aws-cli-ubuntu-1804
- Run the following command:
To create cache policy
create-cache-policy –cache-policy-config –name policy-name –defaultTTL value –minTTL value –maxTTL value –EnableAcceptEncodingGzip true/false –EnableAcceptEncodingBrotli true/false
To create origin request policy
create-origin-request-policy –origin-request-policy-config –name <value> –header-config value –cookies-config value –query-string-config value