AWS Certificate Manager
User Guide (Version 1.0)

Getting Started with Amazon CloudFront

Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content by delivering the content through a worldwide network of edge locations. For more information, see the Amazon CloudFront Developer Guide. For more information about using HTTPS with CloudFront, see Using HTTPS with CloudFront in the Amazon CloudFront Developer Guide.

The following illustration shows how ACM and CloudFront can be used together to deliver your content securely through edge locations.

General ACM diagram for CF

You must perform the following steps to use ACM with CloudFront.


To use an ACM Certificate with CloudFront, you must request or import the certificate in the US East (N. Virginia) region.

  1. Configure your origin servers to store the original, definitive version of your content. Your origin can be either an Amazon S3 bucket or an Amazon EC2 web server instance.

  2. Create a CloudFront distribution which tells CloudFront which origin servers to get your files from when users make requests through your web site or application.

  3. Use the ACM console, ACM API, or AWS CLI to request a certificate or import a certificate into ACM.

  4. Use the CloudFront console, API, or AWS CLI to associate your ACM Certificate with the CloudFront distribution.

  5. CloudFront sends your distribution's configuration (but not your content) to all of its edge locations. Edge locations are collections of servers in geographically dispersed data centers where CloudFront caches copies of your website or application files.

  6. When a user accesses your website and requests one or more objects, DNS routes the user to the CloudFront edge location that can best serve the request. For more information about how CloudFront delivers content to your users, see How CloudFront Delivers Content in the Amazon CloudFront Developer Guide.