Menu
Amazon CloudFront
Developer Guide (API Version 2016-09-29)

Using Amazon S3 Origins and Custom Origins for Web Distributions

When you create a web distribution, you specify where CloudFront sends requests for the files that it distributes to edge locations. CloudFront supports using Amazon S3 buckets and HTTP servers (for example, web servers) as origins.

Using Amazon S3 Buckets for Your Origin

When you use Amazon S3 as an origin for your distribution, you place any objects that you want CloudFront to deliver in an Amazon S3 bucket. You can use any method that is supported by Amazon S3 to get your objects into Amazon S3, for example, the Amazon S3 console or API, or a third-party tool. You can create a hierarchy in your bucket to store the objects, just as you would with any other Amazon S3 bucket.

Using an existing Amazon S3 bucket as your CloudFront origin server doesn't change the bucket in any way; you can still use it as you normally would to store and access Amazon S3 objects at the standard Amazon S3 price. You incur regular Amazon S3 charges for storing the objects in the bucket. For more information about the charges to use CloudFront, see CloudFront Reports.

Important

For your bucket to work with CloudFront, the name must conform to DNS naming requirements. For more information, go to Bucket Restrictions and Limitations in the Amazon Simple Storage Service Developer Guide.

When you specify the Amazon S3 bucket that you want CloudFront to get objects from, in general, use the following format:

bucket-name.s3.amazonaws.com

If your bucket is in the US Standard region and you want Amazon S3 to route requests to a facility in Northern Virginia, use the following format:

bucket-name.s3-external-1.amazonaws.com

When you specify the bucket name in this format, you can use the following CloudFront features:

Do not specify the bucket using the following formats:

  • The Amazon S3 path style, s3.amazonaws.com/bucket-name

  • The Amazon S3 CNAME, if any

Using Amazon S3 Buckets Configured as Website Endpoints for Your Origin

You can set up an Amazon S3 bucket that is configured as a website endpoint as custom origin with CloudFront.

  • When you configure your CloudFront distribution, for the origin, enter the Amazon S3 static website hosting endpoint for your bucket. This value appears in the Amazon S3 console, on the Properties page under Static Website Hosting. For example:

    http://bucket-name.s3-website-us-west-2.amazonaws.com

For more information about specifying Amazon S3 static website endpoints, see Website Endpoints in the Amazon S3 documentation.

When you specify the bucket name in this format as your origin, you can use Amazon S3 redirects and Amazon S3 custom error documents. For more information about Amazon S3 features, see the Amazon S3 documentation. (CloudFront also provides custom error pages. For more information, see Customizing Error Responses.)

Using an Amazon S3 bucket as your CloudFront origin server doesn't change it in any way. You can still use it as you normally would and you incur regular Amazon S3 charges. For more information about the charges to use CloudFront, see CloudFront Reports.

Note

If you use the CloudFront API to create your distribution with an Amazon S3 bucket that is configured as a website endpoint, you must configure it by using CustomOriginConfig, even though the website is hosted in an Amazon S3 bucket. For more information about creating distributions by using the CloudFront API, see CreateDistribution in the Amazon CloudFront API Reference.

Using Amazon EC2 or Other Custom Origins

A custom origin is an HTTP server, for example, a web server. The HTTP server can be an Amazon EC2 instance or an HTTP server that you manage privately. An Amazon S3 origin configured as a website endpoint is also considered a custom origin.

When you use a custom origin that is your own HTTP server, you specify the DNS name of the server, along with the HTTP and HTTPS ports and the protocol that you want CloudFront to use when fetching objects from your origin.

Most CloudFront features are supported when you use a custom origin with the following exceptions:

  • RTMP distributions—Not supported.

  • Private content—Although you can use a signed URL to distribute content from a custom origin, for CloudFront to access the custom origin, the origin must remain publicly accessible. For more information, see Serving Private Content through CloudFront.

Follow these guidelines for using Amazon EC2 instances and other custom origins with CloudFront.

  • Host and serve the same content on all servers that are serving content for the same CloudFront origin. For more information, see Origin Settings in the Values That You Specify When You Create or Update a Web Distribution topic.

  • Log the X-Amz-Cf-Id header entries on all servers; CloudFront requires this information for debugging.

  • Restrict access requests to the HTTP and HTTPS ports that your custom origin listens on.

  • Synchronize the clocks of all servers in your implementation. Note that CloudFront uses Coordinated Universal Time (UTC) for signed URLs and signed cookies, for access logs, and reports. In addition, if you monitor CloudFront activity using CloudWatch metrics, note that CloudWatch also uses UTC.

  • Use redundant servers to handle failures.

  • For information about using a custom origin to serve private content, see Using an HTTP Server for Private Content.

  • For information about request and response behavior and about supported HTTP status codes, see Request and Response Behavior.

If you use Amazon Elastic Compute Cloud for your custom origins, we recommend that you do the following:

  1. Use an Amazon Machine Image that automatically installs the software for a web server. For more information, see the Amazon EC2 documentation.

  2. Use an Elastic Load Balancing load balancer to handle traffic across multiple Amazon EC2 instances and to isolate your application from changes to Amazon EC2 instances. For example, if you use a load balancer, you can add and delete Amazon EC2 instances without changing your application. For more information, see the Elastic Load Balancing documentation.

  3. When you create your CloudFront distribution, specify the URL of the load balancer for the domain name of your origin server. For more information, see Working with Web Distributions.