CloudFront

• Lambda@Edge runs your code in response to events generated by the Amazon CloudFront

• use Lambda@Edge to help authenticate and authorize users for the premium pay-wall content on your website, filtering out unauthorized requests before they reach your origin infrastructure

• Accessing Private content

  • Signed URLS

    • Application/user downloads single file

    • Cookies are not supported

  • Signed Cookies

    • Application/user downloads multiple files

    • No change in application URLs

• HTTP 504 errors , lot t of time to log into their website

  • Use Lambda@Edge

  • set up an origin failover by creating an origin group with two origins primary origin and second origin, which CloudFront automatically switches to when the primary origin fails

• Architecture

1. Store static content in S3

2. Distribute the content around the world (global users) using CloudFront

• DO NOT use it for static content on EC2

• Advantages

  • Pay for use of CloudFront , (No charge for data transfer from S3)

  • Low latency

  • Simple caching with TTL

  • Reduce load on your EC2

• AWS Shield :

  • Avoid DDoS Attacks

• AWS WAF :

  • Protect from SQL injection , Cross-site scripting