UNIT 13

AWS Fundamentals: Amazon CloudFront UNIT 13: AMAZON CLOUDFRONT Structure 13.1 Learning Objectives 13.2 Overview 13.3 Configuring CloudFront 13.4 CloudFront architectural consideration 13.5 Accessing CloudFront 13.6 Dynamic content with CloudFront 13.7 Streaming media with CloudFront 13.8 Monitoring CloudFront with CloudWatch 13.9 Summary 13.10 Glossary 13.11 References 13.1 Learning Objectives After studying this unit, you will be able to: • Give an overview on CloudFront • Describe on CloudFront Architecture • Explain the importance of AWS CloudFront • Describe the procedure of CloudFront caching process • Explain about Amazon CloudFront Media Streaming Process • Give an explanation on Monitoring CloudFront With CloudWatch 13.2 Overview Amazon CloudFront is a content delivery network (CDN) operated by Amazon Web Services. It operates on a pay-as-you-go basis. CloudFront has servers located in Europe, Asia, Australia, South America, Africa, and several major cities in the United States. Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you're serving with CloudFront, the request is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance. A CloudFront edge server provides the fastest delivery to the viewer. AWS network dramatically reduces the number of networks this ultimetely helps to improve the performance. Page 1 of 7 All Rights Reserved. Vol. TLE001/03-2022

AWS Fundamentals: Amazon CloudFront 13.3 Configuring CloudFront to deliver your content You create a CloudFront distribution to tell CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery. 1. You specify origin servers, like an Amazon S3 bucket or your own HTTP server, from which CloudFront gets your files which will then be distributed from CloudFront edge locations all over the world. 2. You upload your files to your origin servers. Your files, also known as objects, typically include web pages, images, and media files, but can be anything that can be served over HTTP. 3. You create a CloudFront distribution, which tells CloudFront which origin servers to get your files from when users request the files through your web site or application. At the same time, you specify details such as whether you want CloudFront to log all requests and whether you want the distribution to be enabled as soon as it's created. 4. CloudFront assigns a domain name to your new distribution that you can see in the CloudFront console, or that is returned in the response to a programmatic request, for example, an API request. If you like, you can add an alternate domain name to use instead. 5. CloudFront sends your distribution's configuration (but not your content) to all of its edge locations or points of presence (POPs). Page 2 of 7 All Rights Reserved. Vol. TLE001/03-2022

AWS Fundamentals: Amazon CloudFront 13.4 CloudFront architectural considerations On the diagram below you can see two users from the same region are trying to access a single file from the Origin (S3). There are two Edge cache locations having connected a single Regional Edge cache in the same region. Each user points to separate Edge cache locations. The CloudFront Architecture Step 1: The user request is landed on the closest Edge location. The process checks the requested resource (image) is available at the Edge location. Step 2: If the content is available, it returns the successful response with the requested image. This is a “Cache Hit” scenario. Step 3: If it is not available at the Edge location, the process requests it from the Regional Edge location. This is a “Cache Miss” scenario. If it is available, it sends the image back to the requester. Step 4: If not, it requests it from the AWS origin Step 5 and 6: The process returns the image back to the requester. Step 7: Another user tries to retrieve the same image, which the first user tried. The second user gets it from a different Edge location close to his access. Page 3 of 7 All Rights Reserved. Vol. TLE001/03-2022

AWS Fundamentals: Amazon CloudFront Step 8: Since the second Edge location does not have the image file (since it was copied only to the first Edge location before), it tries to get it from the Regional Edge location, which the first user also used. (Objects). Step 9 and 10: Since the Regional Edge location already has it; it returns the image file back to the second user. 13.5 Accessing CloudFront You can access Amazon CloudFront in the following ways: • AWS Management Console: We can use AWS Management Console to perform tasks. • AWS SDKs: If you're using a programming language that AWS provides an SDK for, you can use an SDK to access CloudFront. SDKs simplify authentication, integrate easily with your development environment, and provide access to CloudFront commands • CloudFront API: If you're using a programming language that an SDK isn't available, see the Amazon CloudFront API Reference for information about API actions and about how to make API requests. • AWS Command line interface: Getting Set Up with the AWS Command Line Interface in the AWS Command Line Interface User Guide. • AWS Tools for windows powershell: Setting up the AWS Tools for Windows PowerShell in the AWS Tools for Windows PowerShell User Guide 13.6 Dynamic content with CloudFront Many websites and web applications serve a combination of static content (HTML, CSS, JPG, or other files) that end viewers can see and dynamic content, which is personalized for each end viewer. Fortunately, Amazon CloudFront can serve both types of content, to reduce latency, protect your architecture, and optimize costs. CloudFront deliver both static and dynamic content using a single distribution, for dynamic and static websites and web applications.We can improve the performance, availability, and security of your content by using Amazon CloudFront as your content delivery network. If you are serving dynamic content such as web applications or APIs directly from an Amazon Elastic Load Balancer (ELB) or Amazon EC2 instances to end users on the internet. With Amazon CloudFront, your end users connections are terminated at CloudFront locations closer to them, which help in reducing the overall round trip time required to establish a connection. These CloudFront locations are connected to the highly resilient Amazon Backbone Network that provides superior performance and availability for connection to AWS origins. In addition, various other optimization such as persistent TCP connections to the origin, SSL enhancements such as Session tickets and OCSP stapling helps in improving the performance even for non-cacheable, dynamic content. Page 4 of 7 All Rights Reserved. Vol. TLE001/03-2022

AWS Fundamentals: Amazon CloudFront 13.7 Streaming media with CloudFront Customers use Amazon CloudFront to stream video to viewers across the globe using a wide variety of protocols that are layered on top of HTTP. The Amazon Content Delivery Network (CDN) can be used with AWS Elemental Media Services to implement two different types of video streaming. First, we have to look at on- demand streaming of content stored in Amazon Simple Storage Service (Amazon S3). After that, we must examine live streaming of events or 24x7 channels. On demand video content is stored in Amazon S3. Viewers can choose to watch it at any desired time, hence the name on-demand. A complete on-demand streaming solution typically makes use of Amazon S3 for storage, AWS Elemental MediaConvert for file-based video processing, and Amazon CloudFront for delivery. 13.8 Managing CloudFront with CloudWatch Monitoring is an important part of maintaining the availability and performance of CloudFront AWS solutions. This can be collected from all of the parts of your AWS solution so it easily debugs a multi-point failure if one occurs. AWS provides several tools for monitoring CloudFront resources and activity, and responding to potential incidents: Page 5 of 7 All Rights Reserved. Vol. TLE001/03-2022

AWS Fundamentals: Amazon CloudFront • Amazon CloudWatch alarms: Using CloudWatch alarms, you watch a single metric over a time period that you specify. • AWS CloudTrail logs: CloudTrail provides a record of actions taken by a user, role, or an AWS service in CloudFront. • CloudFront standard logs and real-time logs: CloudFront logs provide detailed records about requests that are made to a distribution. • Function logs in CloudFront Functions: CloudFront Functions uses an AWS Identity and Access Management (IAM) service-linked role to send customer-generated logs directly to CloudWatch Logs. • CloudFront console reports: The CloudFront console includes a variety of reports, including the cache statistics report, the popular objects report, and the top referrers report. 13.9 Summary • Amazon CloudFront is a content delivery network (CDN) operated by Amazon Web Services. • Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content • We access Amazon CloudFront in the many ways • CloudFront distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery. • AWS provides several tools for monitoring CloudFront resources and activity, and responding to potential incidents 13.10 Glossary • Dynamic: characterized by constant change, activity, or progress. • Architecture: the art or practice of designing and constructing buildings. • Edge: the outside limit of an object, area, or surface • Cache: a collection of items of the same type stored in a hidden place. 13.11 Reference • Amazon Referral Link: https://docs.aws.amazon.com/AmazonS3/latest/userguide/Welcome.html • Wikipedia Referral Link: https://en.wikipedia.org/wiki/Amazon_S3 Page 6 of 7 All Rights Reserved. Vol. TLE001/03-2022

AWS Fundamentals: Amazon CloudFront Back to top Page 7 of 7 All Rights Reserved. Vol. TLE001/03-2022