What are origins and distributions?
An origin is the source content retrieved by edge locations and set up in distributions.
A distribution is the assigned configuration that sets how origins content is distributed.
What is a regional edge cache?
It is an intermediary cache location that caches content for longer than in POPs.
How is it possible to control which origin’s content is retrieved when there are multiple origins for a distribution?
Through parh-based policies and behaviours.
What is a signed URL and signed cookies?
Signed URLs and cookies provide a mechanism of authentication to obtain origin’s content.
Signed URLs apply for single files only; signed cookies do apply for multiple ones.
What is OAI and OAC?
Methods for restricting S3 origin’s content only to CloudFront.
OAI uses a special CloudFront user.
OAC uses the CloudFront service principal.
This requires that users access content through CloudFront.
How SSL/TLS works in Amazon CloudFront?
SSL/TLS can be enabled between users and distributions and between distributions and origins.
- User -> Distribution: Viewer protocol;
- Distribution -> Origin: Origin protocol.
For viewer a third-party or ACM certificate may be used.
For origin it depends on the origin type:
- S3 -> S3 default certificate;
- ELB -> ACM
- EC2 -> Third-party
What is Lambda Edge?
Lambda Edge is a mechanism in which Lambda functions may execute in different phases of the request/response.
User -> Distribution
Distribution -> Origin
Distribution <- Origin
User <- Distribution
