Amazon CloudFront Architecture

Explore how Amazon CloudFront orchestrates content delivery using a strong AWS global infrastructure.

We'll cover the following

Amazon CloudFront, AWS’s Content Delivery Network (CDN) service, is crucial in improving content delivery from its source to end-users through smart caching mechanisms and a strong global network infrastructure. Exploring CloudFront’s architecture reveals an advanced system where content distribution, caching, and delivery are managed seamlessly globally. This understanding allows us to grasp how CloudFront efficiently delivers content, leading to better performance, reduced latency, and improved user experiences.

Press + to interact

Let’s explore the core components, key concepts, and configurations that form the backbone of CloudFront’s architecture, empowering users to optimize content delivery for their applications and websites. The core components of the CloudFront are described below:

Origins

Origins serve as the source locations for the content distributed through CloudFront. These can be:

  • Amazon S3 Buckets: Commonly used to store static website content, media files, and software downloads.

  • Custom Origins: External HTTP/HTTPS servers, Elastic Load Balancers (ELBs), or any other web server.

Application Load Balancer
Application Load Balancer
S3 bucket
S3 bucket

Distributions

Distributions are the primary configuration entities in CloudFront, representing the deployment of content to the CloudFront network. Each distribution specifies:

  • Origins: One or more origins from which CloudFront retrieves content.

  • Settings: Cache behaviors, origin request settings, SSL configurations, and more.

  • Domain name: A unique domain name assigned to the distribution (e.g., d1234.cloudfront.net ).

Press + to interact

Edge locations

Edge locations are the points of presence (PoPs) in CloudFront’s global network infrastructure, strategically located around the world. These locations serve as caching endpoints where content is cached and delivered to end-users.

Press + to interact

Regional edge caches

Regional edge caches are larger than edge locations and are fewer in number. They store less frequently accessed content and help reduce latency for users accessing content from specific geographic regions.

CloudFront behaviors

Behaviors are configurations within a distribution that operate on the principle of pattern matching. They allow users to define:

  • Access controls: Specify who can access content and from where.

  • Caching policies: Determine how content is cached, including TTL (Time-To-Live) settings.

  • Origin request settings: Configure headers, cookies, and query strings to be forwarded to the origin server.

  • Security measures: Enable AWS Web Application Firewall (WAF) protection and require HTTPS for content access.

  • Geographic restrictions: Restrict access based on user locations.

  • Logging configurations: Determine the type of logs generated and stored for monitoring and analysis.

Integration and limitations

  • AWS Certificate Manager (ACM) integration: CloudFront integrates seamlessly with ACM for SSL certificate management, ensuring secure communication between distributions and end-users.

  • Upload operations: CloudFront primarily supports download-style operations; any uploads are directed to the origin for processing without write caching capabilities.

Let’s understand through an example how CloudFront provides content delivery services using these components.

How CloudFront works

Consider a scenario where Bob and Alice, two users in different regions, aim to access a popular video hosted in an Amazon S3 bucket. Bob resides near an edge location in Italy, while Alice is closer to an edge location in Spain, but they have the same regional cache. Despite their geographical distance, both users benefit from CloudFront’s architecture for efficient content delivery.

Press + to interact
Working of CloudFront
Working of CloudFront

  • Video available at edge location: When Bob initiates a request to view the video, CloudFront checks if the content is cached in the edge location nearest to him. If the video is cached locally, Bob experiences a cache hitA cache hit occurs when the requested content is available in the edge location cache, resulting in low latency and improved access times., resulting in immediate access to the content with minimal latency.

Press + to interact
Cache hit at edge location
Cache hit at edge location

  • Video available at regional edge location: On the other hand, if the video is not cached in Bob’s nearby edge location, CloudFront triggers a cache missCache miss occurs when content needs to be fetched from the regional edge cache or the origin, potentially leading to higher latency.. In this case, CloudFront retrieves the video from the regional edge cache, a larger cache shared by multiple edge locations within the same geographic area. If the video is found in the regional edge cache, it is promptly delivered to Bob’s edge location, ensuring efficient content delivery despite the cache miss.

Press + to interact
Cache miss at the edge location
Cache miss at the edge location

  • Video not cached at edge or regional edge location: However, if the video is not available in the regional edge cache, CloudFront performs an origin fetch, retrieving the video directly from the S3 bucket, the content’s origin. Once fetched, the video is stored in the regional edge cache for future requests, optimizing content delivery for subsequent users in the same geographic region.

Press + to interact
Origin fetch
Origin fetch

  • Future fetch requests: When Alice initiates a request to fetch the same video, CloudFront can retrieve it from the regional edge cache.

Press + to interact
Cache miss for Alice
Cache miss for Alice

Get hands-on with 1300+ tech skills courses.