Ensure that the Amazon CloudFront Content Delivery Network (CDN) service is used within your AWS account to secure and accelerate the delivery of your web content, media files, or static resources (e.g., CSS files, Javascript files, image files) handled by your websites/web applications.
This rule can help you with the following compliance standards:
- HIPAA
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
efficiency
Using Amazon CloudFront CDN service can have a significant impact on the performance, security, reliability, and availability of your web content delivery process. CloudFront has several advantages over other Content Delivery Network (CDN) providers: is fast – using a global network of 200+ edge locations, CloudFront caches and delivers copies of your static content close to users with minimal latency, is secure – enforces HTTPS connections between the service edge locations and your origin server and can be integrated with Amazon WAF (a web application firewall service made available by Amazon to protect web applications against common attacks), is highly available – engineered for HA and built on top of Amazon’s highly reliable infrastructure, easy to use – you can manage CloudFront distributions with just few clicks using the AWS Management Console or programmatically via AWS API, cost effective – you only pay the web content delivered through the CDN network (pay-as-you-go price plan), and can be easily integrated with other AWS cloud components such as EC2, S3, and WAF.
Audit
To determine if the Amazon CloudFront service is used as Content Delivery Network (CDN) within your AWS account, perform the following operations:
Remediation / Resolution
To secure and accelerate the delivery of your web content, you must create and configure Amazon CloudFront CDN distributions. To start using Amazon CloudFront by creating your own distribution, perform the following operations:
References
- AWS Documentation
- How CloudFront delivers content
- Overview of distributions
- Steps for creating a distribution (overview)
- Creating a distribution
- Values that you specify when you create or update a distribution
- AWS Command Line Interface (CLI) Documentation
- cloudfront
- list-distributions
- create-distribution