AWS, Cloud Computing

4 Mins Read

Amazon CloudFront using Behaviors, Policies, and Functions


Amazon CloudFront is a globally distributed content delivery network with over 150 edge locations worldwide. The service helps you cache the data at edge locations served when requested by a nearby end user. You can cache extensions like jpg, png, js, and even videos to reduce stress on your origin servers.

The CloudFront edge server provides quicker delivery at the viewer’s end. The Amazon network can decrease the number of networks consumers request to origin. As a result, it enhances performance and reduces latency for consumers. Moreover, it improves availability and dependability. We can have multiple origins from where the CloudFront induces the content into the edge locations. The location where you have saved your data is called the origin server. For example, S3 may be used to store a static website; in this situation, S3 would be referred to as the origin.

We have different types of cache policies used to control the cache behavior for static objects, we will talk about the behaviors, policies, and functions in more detail.

Steps to Cache Behavior

If you want to cache a particular extension, follow the below steps:

  1. Navigate to your distribution and select behaviors.


2. Create a behavior pattern


3. Select viewer protocol policy allowed HTTP method as per the preference and use case


Note: As a best practice, you should keep the Default (*) path behavior as caching disabled and use caching for only the required static extensions.

  • Cloud Migration
  • Devops
  • AIML & IoT
Know More

Cache key policies and origin request policies

AWS recommends having a cache policy and origin request policy to control the cache behavior for the origin requests.

Let’s navigate to policies in the left-hand side pane to view more.


You may link a set of managed cache rules from CloudFront to any cache behaviors offered by your distribution. You don’t have to create or keep up with your cache policy when using a managed cache policy. The controlled policies use settings that are optimized for certain use situations.

A list of managed ache policies are

Custom Cache Policy

TTL: Using a custom policy, you can have custom TTL (Time to live settings). This works with Cache-control to control how long the CloudFront cache remains valid.


Cache key: The key settings define the values that CloudFront includes in the cache key in viewer requests. Possible values include cookies, HTTP headers, and URL query strings. The values you specify for the cache key are automatically included in the origin requests that CloudFront delivers to the origin.


Compression: When the viewer supports it, these options allow CloudFront to request and cache compressed items using the Gzip or Brotli formats.


Custom Origin Policy

The origin is contacted to get the requested item when a viewer request to CloudFront results in a cache miss (the requested object is not cached at the edge location).

Cache policies manage the cache key and are distinct from origin request policies. This division helps you retain a high ratio of cache hits while receiving more information at the origin.

By utilizing the policy, all URL query strings, HTTP headers, and cookies can be included in origin requests, as shown below:



Using CloudFront Functions for large-scale, latency-sensitive CDN modifications, you can make lightweight JavaScript functions. The CloudFront Functions runtime environment is extremely secure, with startup speeds of less than one millisecond, and scalable instantly to accommodate millions of requests per second. Being a native component of CloudFront, CloudFront Functions enables you to write, test, and deploy your code directly inside of CloudFront.

We will create a function for our distribution that will fetch the client IP from the viewer to the origin as a header

Steps to create a CloudFront function

  1. Navigate to functions under CloudFront.


2. Create a new function


3. Click on build and paste the function, and we have this function to request a true-client-Ip header from the CloudFront distribution.


4. After adding the function, click on publish to publish the same.


5. Click on add an association to add this function to your distribution.


Now your origin will start receiving the true client IP as a header.


CloudFront is a state of art service provided by AWS, features such as multi-origin, behaviors, cache policies, origin requests policy, and functions make the service configurable and customizable.

You can start using default settings in CloudFront and gradually customize it as required. Take advantage of 150 plus edge locations worldwide, reduce your server usage, and make your front end highly available.

Get your new hires billable within 1-60 days. Experience our Capability Development Framework today.

  • Cloud Training
  • Customized Training
  • Experiential Learning
Read More

About CloudThat

CloudThat is also the official AWS (Amazon Web Services) Advanced Consulting Partner and Training partner and Microsoft gold partner, helping people develop knowledge of the cloud and help their businesses aim for higher goals using best in industry cloud computing practices and expertise. We are on a mission to build a robust cloud computing ecosystem by disseminating knowledge on technological intricacies within the cloud space. Our blogs, webinars, case studies, and white papers enable all the stakeholders in the cloud computing sphere.

Drop a query if you have any questions regarding Amazon CloudFront and I will get back to you quickly.

To get started, go through our Consultancy page and Managed Services Package that is CloudThat’s offerings.


1. Can we view metrics in Amazon CloudFront?

ANS: – Yes, we can view the metrics such as requests, data transfer, error rates, and more.

2. Can we use CloudFront without caching or data?

ANS: – Yes, we can use the service without caching by enabling no caching behavior on the default path pattern.

3. What other services can be integrated with AWS CloudFront?

ANS: – Services such as S3, WAF, Amazon EC2, Elastic Load Balancing, and Amazon Route 53 can be integrated with CloudFront.

WRITTEN BY Akshay Mishra



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!