Amazon CloudFront
Developer Guide (API Version 2016-09-29)

Configuring Security and Limiting Access to Content

For web distributions, CloudFront provides several options for securing content that it delivers, including configuring HTTPS connections, using AWS WAF to control access to your content, or setting up field-level encryption for specific content fields. In addition, you can prevent users in specific geographic locations from accessing content distributed through a web distribution. You also have the option of limiting access to private content by requiring that users access that content by using CloudFront signed URLs or signed cookies.