{"id":2824,"date":"2019-06-16T11:30:47","date_gmt":"2019-06-16T09:30:47","guid":{"rendered":"http:\/\/miro.borodziuk.eu\/?p=2824"},"modified":"2019-08-30T13:46:52","modified_gmt":"2019-08-30T11:46:52","slug":"cloudfront","status":"publish","type":"post","link":"http:\/\/miro.borodziuk.eu\/index.php\/2019\/06\/16\/cloudfront\/","title":{"rendered":"CloudFront"},"content":{"rendered":"<p>CloudFront is a content delivery network (CDN). A CDN is a global cache that stores copies of your data on edge caches, which are positioned as close to your customers as possible. It has three main benefits: lower latency, higher transfer speeds, and reduced load on the content server.<\/p>\n<p><!--more--><\/p>\n<p>AWS Global Content Delivery Network (CDN):<\/p>\n<ul>\n<li>Low latency<\/li>\n<li>High transfer speeds from the origin<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>Components<\/p>\n<ul>\n<li>Origin:<\/li>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>The server or service that hosts your content (original version of your content)<\/li>\n<li>Can be an S3 bucket, web server, or Amazon MediaStore.<\/li>\n<\/ul>\n<\/li>\n<li>Distribution:<\/li>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Points edge locations and regional caches back to the origin<\/li>\n<li>Configuration of logging, availability, and limitations<\/li>\n<li>The &#8220;configuration&#8221; entity within CloudFront: it&#8217;s where you configure all aspects of a specific &#8220;implementation&#8221; of CloudFront.<\/li>\n<\/ul>\n<\/li>\n<li>Edge Locations:<\/li>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>The location of your cached objects, located all over the globe<\/li>\n<li>Current total is 169 in 30 countries<\/li>\n<li>The local infrastructure that hosts caches of your data. 
Positioned in over 150 locations globally in over 30 countries.<\/li>\n<\/ul>\n<\/li>\n<li>Regional Edge Caches:<\/li>\n<li style=\"list-style-type: none;\">\n<ul>\n<li>Location of cached objects that are not as frequently accessed<\/li>\n<li>Current total is 11 in 30 countries<\/li>\n<li>Larger versions of edge locations. There are fewer of them, but they have more capacity and can serve larger areas<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2825 aligncenter\" src=\"http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/CloudFront.jpg\" alt=\"\" width=\"675\" height=\"446\" srcset=\"http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/CloudFront.jpg 675w, http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/CloudFront-300x198.jpg 300w\" sizes=\"(max-width: 675px) 100vw, 675px\" \/><\/p>\n<p>Caching Process<\/p>\n<ul>\n<li>Create a distribution and point it at one or more origins. A distribution has a DNS address that is used to access it.<\/li>\n<li>The DNS address directs clients to the closest available edge location.<\/li>\n<li>If the edge location has a cached copy of your data, it&#8217;s delivered locally from that edge location.<\/li>\n<li>If it&#8217;s not cached, the edge location attempts to download it from either a regional cache or from the origin (known as an origin fetch).<\/li>\n<li>As the edge location receives the data, it immediately begins forwarding it and caches it for the next visitor.<\/li>\n<\/ul>\n<p>Process (alternative description)<\/p>\n<ul>\n<li>When an edge location receives a request, it checks to see if the content is cached locally<\/li>\n<li>If so, the content is delivered<\/li>\n<li>If not, the edge location can query the regional edge cache or the origin<\/li>\n<li>When receiving these requested objects, the edge location immediately starts to forward them to the end user<\/li>\n<\/ul>\n<p>Content can expire, be discarded, and be recached. 
Or you can explicitly invalidate content to remove it from caches.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2830 aligncenter\" src=\"http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/ClodFrontArch.jpg\" alt=\"\" width=\"647\" height=\"778\" srcset=\"http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/ClodFrontArch.jpg 647w, http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/ClodFrontArch-249x300.jpg 249w\" sizes=\"(max-width: 647px) 100vw, 647px\" \/><\/p>\n<p>Making Changes to Content<\/p>\n<ul>\n<li>You can simply <strong>delete<\/strong> the content from the origin and wait for the copies at the edge locations to reach the expiration period.<\/li>\n<li>You can <strong>invalidate<\/strong> content to have it removed before the expiration, but it does <strong>cost more<\/strong>.<\/li>\n<\/ul>\n<p>By default, CloudFront is fully <strong>publicly accessible<\/strong> &#8211; anyone with the DNS endpoint address can access content cached by the distribution.<\/p>\n<p>A distribution can be configured to be <strong>private<\/strong>, where each access requires a <strong>signed URL<\/strong> or <strong>cookie<\/strong>. This is done by setting the <strong>trusted signers<\/strong> on the distribution.<\/p>\n<p>Private distributions can be <strong>bypassed<\/strong> by going straight to the origin (e.g., an S3 bucket).<\/p>\n<p>An origin access identity (OAI) is a virtual identity that can be associated with a distribution. 
An S3 bucket can then be restricted to only allow this OAI to access it \u2014 all other identities can be denied.<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-2831 aligncenter\" src=\"http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/ClodFrontArch2.jpg\" alt=\"\" width=\"608\" height=\"410\" srcset=\"http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/ClodFrontArch2.jpg 608w, http:\/\/miro.borodziuk.eu\/wp-content\/uploads\/ClodFrontArch2-300x202.jpg 300w\" sizes=\"(max-width: 608px) 100vw, 608px\" \/><\/p>\n<p>&nbsp;<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CloudFront is a content delivery network (CDN). A CDN is a global cache that stores copies of your data on edge caches, which are positioned as close to your customers as possible. It has three main benefits: lower latency, higher transfer speeds, and reduced load on the content server.<\/p>\n","protected":false},"author":1,"featured_media":2826,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[78],"tags":[],"_links":{"self":[{"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/posts\/2824"}],"collection":[{"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/comments?post=2824"}],"version-history":[{"count":10,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/posts\/2824\/revisions"}],"predecessor-version":[{"id":2838,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/posts\/2824\/revisions\/2838"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/media\/2826"}],"wp:attachment"
:[{"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/media?parent=2824"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/categories?post=2824"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/miro.borodziuk.eu\/index.php\/wp-json\/wp\/v2\/tags?post=2824"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}