Document history - Amazon CloudFront

Document history

The following entries describe important changes made to the CloudFront documentation.

Change Description Date changed

Remove documentation for RTMP distributions

Amazon CloudFront deprecated real-time messaging protocol (RTMP) distributions on December 31, 2020. Documentation for RTMP distributions is now removed from the Amazon CloudFront Developer Guide.

February 10, 2021

New pricing option

Amazon CloudFront introduces the CloudFront security savings bundle, a simple way to save up to 30% on the CloudFront charges on your AWS bill. For more information, see CloudFront security savings bundle.

February 5, 2021

New tutorial

The Amazon CloudFront Developer Guide now includes a tutorial for using Amazon CloudFront to restrict access to an Application Load Balancer in Elastic Load Balancing. For more information, see Restricting access to Application Load Balancers.

December 18, 2020

New option for public key management

CloudFront now supports public key management for signed URLs and signed cookies through the CloudFront console and API, without requiring access to the AWS account root user. For more information, see Specifying the signers that can create signed URLs and signed cookies.

October 22, 2020

New feature – Origin Shield

CloudFront now supports CloudFront Origin Shield, an additional layer in the CloudFront caching infrastructure that helps to minimize your origin’s load, improve its availability, and reduce its operating costs. For more information, see Using Amazon CloudFront Origin Shield.

October 20, 2020

New compression format

CloudFront now supports the Brotli compression formation when you configure CloudFront to compress objects at CloudFront edge locations. You can also configure CloudFront to cache Brotli objects using a normalized Accept-Encoding header. For more information, see Serving compressed files and Compression support.

September 14, 2020

New TLS protocol

CloudFront now supports the TLS 1.3 protocol for HTTPS connections between viewers and CloudFront distributions. TLS 1.3 is enabled by default in all CloudFront security policies. For more information, see Supported protocols and ciphers between viewers and CloudFront.

September 3, 2020

New real-time logs

CloudFront now supports configurable real-time logs. With real-time logs, you can get information about requests made to a distribution in real time. You can use real-time logs to monitor, analyze, and take action based on content delivery performance. For more information, see Real-time logs.

August 31, 2020

API support for additional metrics

CloudFront now supports enabling eight additional real-time metrics with the CloudFront API. For more information, see Enabling additional metrics.

August 28, 2020

New CloudFront HTTP headers

CloudFront added additional HTTP headers for determining information about the viewer such as device type, geographic location, and more. For more information, see Using the CloudFront HTTP headers.

July 23, 2020

New feature

CloudFront now supports cache policies and origin request polices, which give you more granular control over the cache key and origin requests for your CloudFront distributions. For more information, see Working with policies.

July 22, 2020

New security policy

CloudFront now supports a new security policy, TLSv1.2_2019, with a smaller set of supported ciphers. For more information, see Supported protocols and ciphers between viewers and CloudFront.

July 8, 2020

New settings to control origin timeouts and attempts

CloudFront added new settings that control origin timeouts and attempts. For more information, see Controlling origin timeouts and attempts.

June 5, 2020

New documentation for getting started with CloudFront by creating a secure static website

Get started with CloudFront by creating a secure static website using Amazon S3, CloudFront, Lambda@Edge, and more, all deployed with AWS CloudFormation. For more information, see Getting started with a secure static website.

June 2, 2020

Lambda@Edge supports newer runtime versions

Lambda@Edge now supports Lambda functions with the Node.js 12 and Python 3.8 runtimes. For more information, see Lambda Function Supported Runtimes and Configuration.

February 27, 2020

New real-time metrics in CloudWatch

Amazon CloudFront now offers eight additional real-time metrics in Amazon CloudWatch. For more information, see Viewing additional CloudFront distribution metrics.

December 19, 2019

New fields in access logs

CloudFront adds seven new fields to access logs. For more information, see Standard log file fields.

December 12, 2019

AWS for WordPress plugin

You can use the AWS for WordPress plugin to provide visitors to your WordPress website an accelerated viewing experience using CloudFront. For more information, see Getting started with a simple distribution Getting started with AWS for WordPress.

October 30, 2019

Tag-based and resource-level IAM permissions policies

CloudFront now supports two additional ways of specifying IAM permission policies: tag-based and resource-level policy permissions. For more information, see Managing Access to Resources.

August 8, 2019

Support for Python programming language

You can now use the Python programming language to develop functions in Lambda@Edge, in addition to Node.js. For example functions that cover a variety of scenarios, see Lambda@Edge Example Functions.

August 1, 2019

Updated monitoring graphs

Content updates to describe new ways for you to monitor Lambda functions associated with your CloudFront distributions directly from the CloudFront console to more easily track and debug errors. For more information, see Monitoring CloudFront.

June 20, 2019

Consolidated security content

A new Security chapter consolidates information about CloudFront's features around and implementation of data protection, IAM, logging, compliance, and more. For more information, see Security.

May 24, 2019

Domain validation is now required

CloudFront now requires that you use an SSL certificate to verify that you have permission to use an alternate domain name with a distribution. For more information, see Using Alternate Domain Names and HTTPS.

April 9, 2019

Updated PDF filename

The new filename for the Amazon CloudFront Developer Guide is: AmazonCloudFront_DevGuide. The previous name was: cf-dg.

January 7, 2019

New features

CloudFront now supports WebSocket, a TCP-based protocol that is useful when you need long-lived connections between clients and servers. You can also now set up CloudFront with origin failover for scenarios that require high availability. For more information, see Using WebSocket with CloudFront Distributions and Optimizing High Availability with CloudFront Origin Failover.

November 20, 2018

New feature

CloudFront now supports detailed error logging for HTTP requests that run Lambda functions. You can store the logs in CloudWatch and use them to help troubleshoot HTTP 5xx errors when your function returns an invalid response. For more information, see CloudWatch Metrics and CloudWatch Logs for Lambda Functions.

October 8, 2018

New feature

You can now opt to have Lambda@Edge expose the body in a request for writable HTTP methods (POST, PUT, DELETE, and so on), so that you can access it in your Lambda function. You can choose read-only access, or you can specify that you’ll replace the body. For more information, see Accessing the Request Body by Choosing the Include Body Option.

August 14, 2018

New feature

CloudFront now supports serving content compressed by using brotli or other compression algorithms, in addition to or instead of gzip. For more information, see Serving Compressed Files.

July 25, 2018


The Amazon CloudFront Developer Guide has been reorganized to simplify finding related content, and to improve scanability and navigation.

June 28, 2018

New Feature

Lambda@Edge now enables you to further customize the delivery of content stored in an Amazon S3 bucket, by allowing you to access additional whitelisted headers, including custom headers, within origin-facing events. For more information, see these examples showing personalization of content based on viewer location and viewer device type.

March 20, 2018

New Feature

You can now use Amazon CloudFront to negotiate HTTPS connections to origins using Elliptic Curve Digital Signature Algorithm (ECDSA). ECDSA uses smaller keys that are faster, yet, just as secure, as the older RSA algorithm. For more information, see Supported SSL/TLS Protocols and Ciphers for Communication Between CloudFront and Your Origin and About RSA and ECDSA Ciphers.

March 15, 2018

New Feature

Lambda@Edge enables you to customize error responses from your origin, by allowing you to execute Lambda functions in response to HTTP errors that Amazon CloudFront receives from your origin. For more information, see these examples showing redirects to another location and response generation with 200 status code (OK).

December 21, 2017

New Feature

A new CloudFront capability, field-level encryption, helps you to further enhance the security of sensitive data, like credit card numbers or personally identifiable information (PII) like social security numbers. For more information, see Using Field-Level Encryption to Help Protect Sensitive Data.

December 14, 2017

Doc history archived

Older doc history was archived.

December, 2017