Amazon CloudFront Design Patterns
1m 1s
Start course

In this course, we will be looking at Amazon CloudFront design patterns. We will begin by discussing some of CloudFront's key features before discussing two patterns:

  • Pattern 1 – Using CloudFront to cache and secure content when an Application Load Balancer is the origin
  • Pattern 2 – Using CloudFront to cache and secure content when an S3 bucket is the origin

Learning Objectives

By the end of this course, you will have a greater understanding of:

  • Amazon CloudFront's role in performance and security
  • Common CloudFront design patterns

Intended Audience

Anyone working with AWS Networking will benefit from this course, as well as those who are:

  • Studying for the AWS Networking Specialty certification
  • Studying for the AWS Solutions Architect certifications

If you want to increase your AWS knowledge, this course is for you.


Before attending this course, you should be familiar with Amazon Networking features such as VPCs and Elastic Load Balancers and have a basic understanding of Amazon CloudFront. Experience using Amazon S3 to store static website content would be an advantage.


During this course, we have tried to identify the key features and benefits of Amazon CloudFront. We began by discussing the main purpose of CloudFront, its ability to secure and distribute your content via a global edge network, providing low latency access to your content at scale. We discussed the different levels of cache available, distributions edge locations, regional edge caches, and origin shield. We also listed some of the features we can configure when creating a CloudFront distribution and listed some of the security and monitoring features available. 

We then went on to discuss use cases or patterns for CloudFront. Using CloudFront to cache and secure content where an Application Load Balancer is the origin. And using CloudFront to cache and secure content where an S3 bucket is the origin. For both, we discussed the benefits of the patterns and how we secure them using custom headers for one, and Origin Access Identity for the other. Thank you for your time. Good luck with your continued learning. I hope to see you on other courses soon, thank you.


About the Author

Mike has worked in IT since 1997, specializing in networking, storage, and architecture. He's been in cloud computing for the last 8 years, working across several cloud platforms but specializing in AWS. He's been involved in many cloud projects over the years covering migrations, hybrid connectivity, security optimization, networking, and storage architecture.

He gained his first training qualification in 1998 and, about 3 years ago, became an AWS Authorized Champion Instructor. He's delivered AWS cloud courses across Europe for a range of clients, with a focus on Architecture, Security, and Networking. He currently holds certifications for the four biggest cloud vendors, including the AWS Solutions Architect Professional, AWS DevOps Engineer, and AWS Advanced Networking specialty certifications.

He lives in the North of England with his wife Frances and their dog Inca.