Amazon CloudFront endpoints and quotas
The following are the service endpoints and service quotas for this service. To connect programmatically to an AWS service, you use an endpoint. In addition to the standard AWS endpoints, some AWS services offer FIPS endpoints in selected Regions. For more information, see AWS service endpoints. Service quotas, also referred to as limits, are the maximum number of service resources or operations for your AWS account. For more information, see AWS service quotas.
Service endpoints
Amazon CloudFront
| Region Name | Region | Endpoint | Protocol | Amazon Route 53 Hosted Zone ID* |
|---|---|---|---|---|
| US East (N. Virginia) Region | us-east-1 |
cloudfront.amazonaws.com cloudfront-fips.amazonaws.com |
HTTPS HTTPS |
Z2FDTNDATAQYW2 |
Amazon CloudFront KeyValueStore
CloudFront KeyValueStore is a global service. Specify your AWS account ID for the endpoint.
| Endpoint | Protocol | Amazon Route 53 Hosted Zone ID* |
|---|---|---|
|
|
HTTPS |
The root host zone is the following. Each customer endpoint has its own hosted zone.
|
Service quotas
| Name | Default | Adjustable | Description |
|---|---|---|---|
| Alternate domain names (CNAMEs) per distribution | Each supported Region: 100 |
Yes |
The maximum number of alternate domain names (CNAMEs) per distribution. |
| Cache behaviors per distribution | Each supported Region: 25 |
Yes |
The maximum number of cache behaviors per distribution. |
| Cache policies per AWS account | Each supported Region: 20 | No | The maximum number of cache policies per AWS account. |
| CloudFront Functions: Maximum number of distributions associated with a single function | Each supported Region: 100 |
Yes |
The maximum number of CloudFront distributions associated with a single CloudFront function. |
| Concurrent executions | Each supported Region: 1,000 |
Yes |
The maximum number of concurrent executions in each region. |
| Connection attempts per origin | Each supported Region: 3 | No | The number of connection attempts per origin (1-3). |
| Connection timeout per origin | Each supported Region: 10 Seconds | No | The connection timeout per origin (1-10 seconds). |
| Cookies per cache policy | Each supported Region: 10 |
Yes |
The maximum number of cookies per cache policy. |
| Cookies per origin request policy | Each supported Region: 10 |
Yes |
The maximum number of cookies per origin request policy. |
| Custom headers: maximum length of a header name | Each supported Region: 256 | No | The maximum length of a header name in characters. |
| Custom headers: maximum length of a header value | Each supported Region: 1,783 | No | The maximum length of a header value in characters. |
| Custom headers: maximum length of all header values and names combined | Each supported Region: 10,240 | No | The maximum length of all header values and names combined. |
| Custom headers: maximum number of custom headers that you can configure CloudFront to add to origin requests | Each supported Region: 10 |
Yes |
The maximum number of custom headers that you can configure CloudFront to add to origin requests. |
| Data transfer rate per distribution | Each supported Region: 150 |
Yes |
The maximum data transfer rate (in Gbps) per distribution. |
| Distributions associated with a single key group | Each supported Region: 100 |
Yes |
The maximum number of distributions associated with a single key group. |
| Distributions associated with the same cache policy | Each supported Region: 100 | No | The maximum number of distributions associated with the same cache policy. |
| Distributions associated with the same origin request policy | Each supported Region: 100 | No | The maximum number of distributions associated with the same origin request policy. |
| Distributions per AWS account that you can create triggers for | Each supported Region: 25 |
Yes |
The maximum number of distributions per AWS account that you can create triggers for. |
| File invalidation: maximum number of active wildcard invalidations allowed | Each supported Region: 15 | No | The maximum number of active wildcard invalidations allowed. |
| File invalidation: maximum number of files allowed in active invalidation requests, excluding wildcard invalidations | Each supported Region: 3,000 | No | The maximum number of files allowed in active invalidation requests, excluding wildcard invalidations. |
| Function memory size (Viewer request and response event) | Each supported Region: 128 Megabytes | No | The maximum function memory size (in MB). (Viewer request and response event) |
| Function timeout (Origin request and response event) | Each supported Region: 30 Seconds | No | The maximum function timeout (in seconds). (Origin request and response event) |
| Function timeout for a viewer request and response event | Each supported Region: 5 Seconds | No | The maximum function timeout (in seconds). (Viewer request and response event) |
| Headers per cache policy | Each supported Region: 10 |
Yes |
The maximum number of headers per cache policy. |
| Headers per origin request policy | Each supported Region: 10 |
Yes |
The maximum number of headers per origin request policy. |
| Key groups associated with a single distribution | Each supported Region: 4 |
Yes |
The maximum number of key groups associated with a single distribution. |
| Key groups per AWS account | Each supported Region: 10 |
Yes |
The maximum number of key groups per AWS account. |
| Maximum compressed size of a Lambda function and any included libraries. (Origin request and response event) | Each supported Region: 50 Megabytes | No | The maximum compressed size (in MB) of a Lambda function and any included libraries. (Origin request and response event) |
| Maximum compressed size of a Lambda function and any included libraries. (Viewer request and response event) | Each supported Region: 1 Megabytes | No | The maximum compressed size (in MB) of a Lambda function and any included libraries. (Viewer request and response event) |
| Maximum file size for HTTP GET, POST, and PUT requests | Each supported Region: 50 Gigabytes | No | The maximum file size (in GB) for HTTP GET, POST, and PUT requests. |
| Maximum length of a URL | Each supported Region: 8,192 Bytes | No | The maximum length of a URL (in bytes). |
| Maximum length of a field to encrypt | Each supported Region: 16 Kilobytes | No | The maximum length (in KB) of a field to encrypt. |
| Maximum length of a request body when field-level encryption is configured | Each supported Region: 1 Megabytes | No | The maximum length (in MB) of a request body when field-level encryption is configured. |
| Maximum length of a request, including headers and query strings, but not including the body content | Each supported Region: 20,480 Bytes | No | The maximum length of a request (in bytes), including headers and query strings, but not including the body content. |
| Maximum number of CloudFront distributions that can be associated with a field-level encryption configuration | Each supported Region: 20 | No | The maximum number of CloudFront distributions that can be associated with a field-level encryption configuration. |
| Maximum number of characters in a whitelisted query string | Each supported Region: 128 | No | The maximum number of characters in a whitelisted query string. |
| Maximum number of characters total for all whitelisted query strings in the same parameter | Each supported Region: 512 | No | The maximum number of characters total for all whitelisted query strings in the same parameter. |
| Maximum number of field-level encryption configurations that can be associated with one AWS account | Each supported Region: 10 | No | The maximum number of field-level encryption configurations that can be associated with one AWS account. |
| Maximum number of field-level encryption profiles that can be associated with one AWS account | Each supported Region: 10 | No | The maximum number of field-level encryption profiles that can be associated with one AWS account. |
| Maximum number of fields in a request body when field-level encryption is configured | Each supported Region: 10 | No | The maximum number of fields in a request body when field-level encryption is configured. |
| Maximum number of fields to encrypt that can be specified in one profile | Each supported Region: 10 | No | The maximum number of fields to encrypt that can be specified in one profile. |
| Maximum number of public keys that can be added to one AWS account | Each supported Region: 10 | No | The maximum number of public keys that can be added to one AWS account. |
| Maximum number of query argument profile mappings that can be included in a field-level encryption configuration | Each supported Region: 5 | No | The maximum number of query argument profile mappings that can be included in a field-level encryption configuration. |
| Origin access identities per account | Each supported Region: 100 |
Yes |
The maximum number of origin access identities per account. |
| Origin groups per distribution | Each supported Region: 10 |
Yes |
The maximum number of origin groups per distribution. |
| Origin request policies per AWS account | Each supported Region: 20 | No | The maximum number of origin request policies per AWS account. |
| Origin response timeout (idle timeout) | Each supported Region: 10 | No | The maximum origin response timeout (idle timeout) in minutes. If CloudFront hasn’t detected any bytes sent from the origin to the client within the past 10 minutes, the connection is assumed to be idle and is closed. |
| Origins per distribution | Each supported Region: 25 |
Yes |
The maximum number of origins per distribution. |
| Public keys in a single key group | Each supported Region: 5 |
Yes |
The maximum number of public keys in a single key group. |
| Query strings per cache policy | Each supported Region: 10 |
Yes |
The maximum number of query strings per cache policy. |
| Query strings per origin request policy | Each supported Region: 10 |
Yes |
The maximum number of query strings per origin request policy. |
| Range of file sizes that CloudFront compresses | Each supported Region: 10,000,000 Bytes | No | The range of file sizes (in bytes) that CloudFront compresses (1,000 to 10,000,000). |
| Request body size for origin requests exposed to a Lambda@Edge function. | Each supported Region: 1 Megabytes | No | The maximum request body size (in MB) for origin requests exposed to a Lambda@Edge function. |
| Request body size for origin requests when returning from a Lambda function (base64 encoding) | Each supported Region: 1.33 Megabytes | No | The maximum request body size (in KB) for origin requests when returning from a Lambda function. (base64 encoding) |
| Request body size for origin requests when returning from a Lambda function (text encoding) | Each supported Region: 1 Megabytes | No | The maximum request body size (in KB) for origin requests when returning from a Lambda function. (text encoding) |
| Request body size for viewer requests exposed to a Lambda@Edge function. | Each supported Region: 40 Kilobytes | No | The maximum request body size (in KB) for viewer requests exposed to a Lambda@Edge function. |
| Request body size for viewer requests when returning from a Lambda function (base64 encoding) | Each supported Region: 53.2 Kilobytes | No | The maximum request body size (in KB) for viewer requests when returning from a Lambda function. (base64 encoding) |
| Request body size for viewer requests when returning from a Lambda function (text encoding) | Each supported Region: 40 Kilobytes | No | The maximum request body size (in KB) for viewer requests when returning from a Lambda function. (text encoding) |
| Request timeout | Each supported Region: 30 Seconds |
Yes |
The maximum request timeout in seconds. |
| Requests per second | Each supported Region: 10,000 |
Yes |
The maximum number of requests per second in each region. |
| Requests per second per distribution | Each supported Region: 250,000 |
Yes |
The maximum number of requests per second per distribution. |
| Response timeout per origin | Each supported Region: 60 Seconds |
Yes |
The response timeout per origin (1-60 seconds). |
| SSL certificates per AWS account when serving HTTPS requests using dedicated IP addresses | Each supported Region: 2 |
Yes |
The maximum number of SSL certificates per AWS account when serving HTTPS requests using dedicated IP addresses (no quota when serving HTTPS requests using SNI). |
| SSL certificates that can be associated with a CloudFront web distribution | Each supported Region: 1 | No | The maximum number of SSL certificates that can be associated with a CloudFront web distribution. |
| Size of a response that is generated by a Lambda function, including headers and body (Origin request and response event) | Each supported Region: 1 Megabytes | No | The maximum size (in MB) of a response that is generated by a Lambda function, including headers and body. (Origin request and response event) |
| Size of a response that is generated by a Lambda function, including headers and body (Viewer request and response event) | Each supported Region: 40 Kilobytes | No | The maximum size (in KB) of a response that is generated by a Lambda function, including headers and body. (Viewer request and response event) |
| Tags that can be added to a distribution | Each supported Region: 50 | No | The maximum number of tags that can be added to a distribution. |
| Total length of the URI including query string in a Lambda@Edge function | Each supported Region: 8,192 | No | The maximum total length in characters of the URI including the query string in a Lambda@Edge function. |
| Total number of bytes in whitelisted cookie names (doesn’t apply if you configure CloudFront to forward all cookies to the origin) | Each supported Region: 512 Bytes | No | The total number of bytes in whitelisted cookie names (doesn’t apply if you configure CloudFront to forward all cookies to the origin). 512 minus the number of whitelisted cookies. |
| Triggers per distribution | Each supported Region: 100 |
Yes |
The maximum number of triggers per distribution. |
| Web distributions per AWS account | Each supported Region: 200 |
Yes |
The maximum number of web distributions per AWS account. |
| Whitelisted cookies per cache behavior | Each supported Region: 10 |
Yes |
The maximum number of whitelisted cookies per cache behavior. |
| Whitelisted headers per cache behavior | Each supported Region: 10 |
Yes |
The maximum number of whitelisted headers per cache behavior. |
| Whitelisted query strings per cache behavior | Each supported Region: 10 |
Yes |
The maximum number of whitelisted query strings per cache behavior. |
For more information, see Quotas in the Amazon CloudFront Developer Guide.
