Configure secure access and restrict access to content (original) (raw)

DocumentationAmazon CloudFrontDeveloper Guide

CloudFront provides several options for securing content that it delivers. The following are some ways you can use CloudFront to secure and restrict access to content:

• Configure HTTPS connections
• Prevent users in specific geographic locations from accessing content
• Require users to access content using CloudFront signed URLs or signed cookies
• Set up field-level encryption for specific content fields
• Use AWS WAF to control access to your content

You should also implement a DDoS-resilient architecture for your infrastructure and applications. For more information, see AWS Best Practices for DDoS Resiliency.

For additional information, see the following:

• Securing your content delivery with CloudFront
• SIEM on Amazon OpenSearch Service

Topics

• Use HTTPS with CloudFront
• Use alternate domain names and HTTPS
• Serve private content with signed URLs and signed cookies
• Restrict access to an AWS origin
• Restrict access to Application Load Balancers
• Restrict the geographic distribution of your content
• Use field-level encryption to help protect sensitive data

Document Conventions

Disable AWS WAF security protections

Use HTTPS with CloudFront

Did this page help you? - Yes

Thanks for letting us know we're doing a good job!

If you've got a moment, please tell us what we did right so we can do more of it.

Did this page help you? - No

Thanks for letting us know this page needs work. We're sorry we let you down.

If you've got a moment, please tell us how we can make the documentation better.