Amazon CloudFront KeyValueStore - Amazon CloudFront
Use casesSupported formats for valuesSecurity
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Amazon CloudFront KeyValueStore

CloudFront KeyValueStore is a secure, global, low-latency key value datastore that allows read access from within CloudFront Functions, enabling advanced customizable logic at the CloudFront edge locations.

With CloudFront KeyValueStore, you make updates to function code and updates to the data associated with a function independently of each other. This separation simplifies function code and makes it easy to update data without the need to deploy code changes.

Note

To use CloudFront KeyValueStore, your CloudFront function must use JavaScript runtime 2.0.

The general procedure for using key-value pairs is as follows:

  • Create key value stores, and populate it with a set of key-value pairs. You can add your key value stores to an Amazon S3 bucket or enter them manually.

  • Associate the key value stores with your CloudFront function.

  • Within your function code, use the name of the key to either retrieve the value associated with the key or to evaluate if a key exists. For more information about using key-value pairs in function code, and for information about helper methods, see Helper methods for key value stores.

For more information about getting started with CloudFront KeyValueStore, see the Introducing Amazon CloudFront KeyValueStore Amazon blog post.

You can use the CloudFront console, the CloudFront API, or a supported Amazon SDK. To get started with CloudFront KeyValueStore, see the following topics.

Topics

Use cases

Typical use cases for key-value pairs are the following:

  • URL rewrites or redirects. The key-value pair could hold the rewritten URLs or the redirect URLs.

  • A/B testing and feature flags. You could create a function to run experiments by assigning a percentage of traffic to a specific version of your website.

  • Access authorization. You could implement access control to allow or deny requests based on criteria defined by you and the data stored in a key value store.

Supported formats for values

The value in a key-value pair can be stored in any of the following formats:

  • A string

  • A byte-encoded string

  • JSON

Security

The CloudFront function and all its key value stores data are handled securely, as follows:

  • CloudFront encrypts each key value stores at rest and during transit (when reading or writing to the key value stores) when you call the CloudFront KeyValueStore API operations.

  • When the function is run, CloudFront decrypts each key-value pair in memory at the CloudFront edge locations.