CloudFront provides several options for securing content that it delivers. The following are some ways you can use CloudFront to secure and restrict access to content:
-
Configure HTTPS connections
-
Prevent users in specific geographic locations from accessing content
-
Require users to access content using CloudFront signed URLs or signed cookies
-
Set up field-level encryption for specific content fields
-
Use AWS WAF to control access to your content
You should also implement a DDoS-resilient architecture for your infrastructure and applications. For more information, see AWS Best Practices for DDoS Resiliency.
For additional information, see the following: