CloudFront origin for specific region content


I have created four S3 buckets, each with a simple index.html file and each with unique content.

I have created a CloudFront distribution and assigned it four origins, one for each of the four buckets.

Each origin has an Origin Access Identity and that OAI has been used in its related bucket's policy, e.g.:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity 123456789ABCDE"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my-first-test-bucket/*"
        }
    ]
}

I have also set Block all public access to true for each bucket.

When I visit the CloudFront distribution name I see the content for my region.

However, when I use a geo-browser to test the distribution from another region (one closer to one of the other buckets) I see the same content.

How can I configure my CloudFront distribution to serve the closest region-specific content? (e.g., us-east-1 bucket content served through CloudFront for New York users.)


There are 2 best solutions below

5
On

Geo-browser is not perfect for testing; you should test this with a good VPN.

To verify what I am saying, try to enter a blocked website in China. Geo-browser will take you to it, but it is trying to trick the server into thinking the connection is from China by changing the IP address.

This cannot trick AWS, so test with a VPN (a paid one is preferable).

More Info:

How the AWS CloudFront CDN works:

  1. When the first user from a specific region requests a file,
  2. the file will be streamed (copied) from S3 to the closest CloudFront server in the user's region.
  3. The file will stay on this server temporarily (usually 24 hours).
  4. When a second user from the same region requests the same file, he/she will get the copy from the close CloudFront server too.
  5. If the same file changes on S3, it will be changed in a very short time in CloudFront too (from 1 second to 5 minutes).
  6. So, only the first request for the file will be affected by the distance of the S3 bucket, which is negligible.
  7. My recommendation is to use 1 S3 bucket only, with folders specifying content depending on locale (us, fr, gb, ...etc), and rely on the CloudFront CDN to distribute content to different CDN servers for each region. I am using CloudFront in this way and everything I wrote here is from real experiments I've done before.
  8. Conclusion: if you use a CDN, then the location of the storage server is not a factor for speedy delivery of content.
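
One way to implement the single-bucket, folder-per-locale layout recommended in point 7, as an added example that is not part of the original answer: a viewer-request handler in CloudFront Functions style that maps the viewer's country to a folder through an allowlist. The folder names (taken from the answer's "us, fr, gb"), the fallback folder, and the assumption that the `CloudFront-Viewer-Country` header is enabled through a cache policy or origin request policy are all assumptions of this sketch.

```javascript
// Added example (not from the original answer).
// Assumed layout: one bucket with folders /us, /fr, /gb, each holding its own index.html.

// Allowlist: ISO country code -> folder. The raw header value is never
// interpolated into the path, so only folders listed here can be reached.
var COUNTRY_TO_FOLDER = { US: 'us', FR: 'fr', GB: 'gb' };
var DEFAULT_FOLDER = 'us'; // assumed fallback for unlisted or missing countries

function folderForCountry(headers) {
    var h = headers && headers['cloudfront-viewer-country'];
    var code = (h && typeof h.value === 'string') ? h.value.toUpperCase() : '';
    // hasOwnProperty keeps inherited keys such as "constructor" out of the lookup.
    if (Object.prototype.hasOwnProperty.call(COUNTRY_TO_FOLDER, code)) {
        return COUNTRY_TO_FOLDER[code];
    }
    return DEFAULT_FOLDER;
}

// Entry point CloudFront Functions calls for each viewer request.
function handler(event) {
    var request = event.request;
    var uri = request.uri || '/';
    if (uri.charAt(0) !== '/') {
        uri = '/' + uri;
    }
    // An S3 REST origin behind an OAI does not resolve index documents for
    // sub-folders, so directory-style URIs get index.html appended here.
    if (uri.charAt(uri.length - 1) === '/') {
        uri += 'index.html';
    }
    request.uri = '/' + folderForCountry(request.headers) + uri;
    return request;
}

// Constructed sample event, shaped like a CloudFront Functions viewer request.
var sampleEvent = {
    request: {
        method: 'GET',
        uri: '/',
        headers: { 'cloudfront-viewer-country': { value: 'FR' } }
    }
};
console.log(handler(sampleEvent).uri);
```

With this layout the single bucket keeps the same OAI-only policy shown in the question, with the `Resource` covering the locale folders.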
1
On

You can use a Route 53 traffic policy. Add a Geolocation rule and then a CloudFront distribution as an endpoint.
