Speeding up your website with Amazon CloudFront - Amazon Simple Storage Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Speeding up your website with Amazon CloudFront

You can use Amazon CloudFront to improve the performance of your Amazon S3 website. CloudFront makes your website files (such as HTML, images, and video) available from data centers around the world (known as edge locations). When a visitor requests a file from your website, CloudFront automatically redirects the request to a copy of the file at the nearest edge location. This results in faster download times than if the visitor had requested the content from a data center that is located farther away.

CloudFront caches content at edge locations for a period of time that you specify. If a visitor requests content that has been cached for longer than the expiration date, CloudFront checks the origin server to see if a newer version of the content is available. If a newer version is available, CloudFront copies the new version to the edge location. Changes that you make to the original content are replicated to edge locations as visitors request the content.

Using CloudFront without Route 53

The tutorial on this page uses Route 53 to point to your CloudFront distribution. However, if you want to serve content hosted in an Amazon S3 bucket using CloudFront without using Route 53, see Amazon CloudFront Tutorials: Setting up a Dynamic Content Distribution for Amazon S3. When you serve content hosted in an Amazon S3 bucket using CloudFront, you can use any bucket name, and both HTTP and HTTPS are supported.

Automating set up with an Amazon CloudFormation template

For more information about using an Amazon CloudFormation template to configure a secure static website that creates a CloudFront distribution to serve your website, see Getting started with a secure static website in the Amazon CloudFront Developer Guide.

Step 1: Create a CloudFront distribution

First, you create a CloudFront distribution. This makes your website available from data centers around the world.

To create a distribution with an Amazon S3 origin
  1. Open the CloudFront console at https://console.amazonaws.cn/cloudfront/v4/home.

  2. Choose Create Distribution.

  3. On the Create Distribution page, in the Origin Settings section, for Origin Domain Name, enter the Amazon S3 website endpoint for your bucket—for example, example.com.s3-website.us-west-1.amazonaws.com.

    CloudFront fills in the Origin ID for you.

  4. For Default Cache Behavior Settings, keep the values set to the defaults.

    With the default settings for Viewer Protocol Policy, you can use HTTPS for your static website. For more information these configuration options, see Values that You Specify When You Create or Update a Web Distribution in the Amazon CloudFront Developer Guide.

  5. For Distribution Settings, do the following:

    1. Leave Price Class set to Use All Edge Locations (Best Performance).

    2. Set Alternate Domain Names (CNAMEs) to the root domain and www subdomain. In this tutorial, these are example.com and www.example.com.


      Before you perform this step, note the requirements for using alternate domain names, in particular the need for a valid SSL/TLS certificate.

    3. For SSL Certificate, choose Custom SSL Certificate (example.com), and choose the custom certificate that covers the domain and subdomain names.

      For more information, see SSL Certificate in the Amazon CloudFront Developer Guide.

    4. In Default Root Object, enter the name of your index document, for example, index.html.

      If the URL used to access the distribution doesn't contain a file name, the CloudFront distribution returns the index document. The Default Root Object should exactly match the name of the index document for your static website. For more information, see Configuring an index document.

    5. Set Logging to On.


      When you create or update a distribution and enable CloudFront logging, CloudFront updates the bucket access control list (ACL) to give the awslogsdelivery account FULL_CONTROL permissions to write logs to your bucket. For more information, see Permissions required to configure standard logging and to access your log files in the Amazon CloudFront Developer Guide. If the bucket that stores the logs uses the Bucket owner enforced setting for S3 Object Ownership to disable ACLs, CloudFront cannot write logs to the bucket. For more information, see Controlling ownership of objects and disabling ACLs for your bucket.

    6. For Bucket for Logs, choose the logging bucket that you created.

      For more information about configuring a logging bucket, see (Optional) Logging web traffic.

    7. If you want to store the logs that are generated by traffic to the CloudFront distribution in a folder, in Log Prefix, enter the folder name.

    8. Keep all other settings at their default values.

  6. Choose Create Distribution.

  7. To see the status of the distribution, find the distribution in the console and check the Status column.

    A status of InProgress indicates that the distribution is not yet fully deployed.

    After your distribution is deployed, you can reference your content with the new CloudFront domain name.

  8. Record the value of Domain Name shown in the CloudFront console, for example, dj4p1rv6mvubz.cloudfront.net.

  9. To verify that your CloudFront distribution is working, enter the domain name of the distribution in a web browser.

    If your website is visible, the CloudFront distribution works. If your website has a custom domain registered with Amazon Route 53, you will need the CloudFront domain name to update the record set in the next step.

Step 2: Update the record sets for your domain and subdomain

Now that you have successfully created a CloudFront distribution, update the alias record in Route 53 to point to the new CloudFront distribution.

To update the alias record to point to a CloudFront distribution
  1. Open the Route 53 console at https://console.amazonaws.cn/route53/.

  2. In the left navigation, choose Hosted zones.

  3. On the Hosted Zones page, choose the hosted zone that you created for your subdomain, for example, www.example.com.

  4. Under Records, select the A record that you created for your subdomain.

  5. Under Record details, choose Edit record.

  6. Under Route traffic to, choose Alias to CloudFront distribution.

  7. Under Choose distribution, choose the CloudFront distribution.

  8. Choose Save.

  9. To redirect the A record for the root domain to the CloudFront distribution, repeat this procedure for the root domain, for example, example.com.

    The update to the record sets takes effect within 2–48 hours.

  10. To see whether the new A records have taken effect, in a web browser, enter your subdomain URL, for example, http://www.example.com.

    If the browser no longer redirects you to the root domain (for example, http://example.com), the new A records are in place. When the new A record has taken effect, traffic routed by the new A record to the CloudFront distribution is not redirected to the root domain. Any visitors who reference the site by using http://example.com or http://www.example.com are redirected to the nearest CloudFront edge location, where they benefit from faster download times.


    Browsers can cache redirect settings. If you think the new A record settings should have taken effect, but your browser still redirects http://www.example.com to http://example.com, try clearing your browser history and cache, closing and reopening your browser application, or using a different web browser.

(Optional) Step 3: Check the log files

The access logs tell you how many people are visiting the website. They also contain valuable business data that you can analyze with other services, such as Amazon EMR.

CloudFront logs are stored in the bucket and folder that you choose when you create a CloudFront distribution and enable logging. CloudFront writes logs to your log bucket within 24 hours from when the corresponding requests are made.

To see the log files for your website
  1. Open the Amazon S3 console at https://console.amazonaws.cn/s3/.

  2. Choose the name of the logging bucket for your website.

  3. Choose the CloudFront logs folder.

  4. Download the .gzip files written by CloudFront before opening them.

    If you created your website only as a learning exercise, you can delete the resources that you allocated so that you no longer accrue charges. To do so, see Cleaning up your example resources. After you delete your Amazon resources, your website is no longer available.