Amazon CloudFront Developer Guide
User Manual:
Open the PDF directly: View PDF 
.
Page Count: 382
| Download | |
| Open PDF In Browser | View PDF |
Amazon CloudFront Developer Guide API Version 2016-08-01 Amazon CloudFront Developer Guide Amazon CloudFront: Developer Guide Copyright © 2016 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with any product or service that is not Amazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages or discredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who may or may not be affiliated with, connected to, or sponsored by Amazon. Amazon CloudFront Developer Guide Table of Contents What Is Amazon CloudFront? .......................................................................................................... 1 How CloudFront Delivers Content ............................................................................................. 4 Locations and IP Address Ranges of CloudFront Edge Servers ..................................................... 6 PCI DSS Compliance ............................................................................................................. 6 AWS Billing and Usage Reports for CloudFront ................................................................................... 8 AWS Billing Report for CloudFront .......................................................................................... 10 AWS Usage Report for CloudFront ......................................................................................... 11 Interpreting Your AWS Bill and the AWS Usage Report for CloudFront ........................................... 12 CloudFront Reports ...................................................................................................................... 15 CloudFront Cache Statistics Reports ....................................................................................... 16 Downloading Data in CSV Format .................................................................................. 17 How Cache Statistics Charts Are Related to Data in the CloudFront Access Logs ................... 19 CloudFront Popular Objects Report ......................................................................................... 20 Downloading Data in CSV Format .................................................................................. 21 How Data in the Popular Objects Report Is Related to Data in the CloudFront Access Logs ...... 22 CloudFront Top Referrers Report ............................................................................................ 23 Downloading Data in CSV Format .................................................................................. 24 How Data in the Top Referrers Report Is Related to Data in the CloudFront Access Logs ......... 25 CloudFront Usage Reports .................................................................................................... 25 Downloading Data in CSV Format .................................................................................. 26 How the Usage Charts Are Related to Data in the CloudFront Usage Report .......................... 28 CloudFront Viewers Reports .................................................................................................. 29 Displaying Viewers Charts and Reports ........................................................................... 30 Downloading Data in CSV Format .................................................................................. 31 How Data in the Locations Report Is Related to Data in the CloudFront Access Logs ............... 35 Getting Started ............................................................................................................................ 37 Step 1: Sign up for Amazon Web Services ................................................................................ 37 Step 2: Upload your content to Amazon S3 and grant object permissions ...................................... 38 Step 3: Create a CloudFront Web Distribution ........................................................................... 39 Step 4: Test your links ........................................................................................................... 45 Working with Distributions ............................................................................................................. 46 Overview of Web and RTMP Distributions ................................................................................ 47 Web Distributions ........................................................................................................ 47 RTMP Distributions ...................................................................................................... 48 Creating Web and RTMP Distributions ..................................................................................... 48 Listing, Viewing, and Updating CloudFront Distributions .............................................................. 48 Deleting a Distribution .......................................................................................................... 49 Using Alternate Domain Names (CNAMEs) .............................................................................. 50 Using the * Wildcard in Alternate Domain Names .............................................................. 50 Restrictions on Using Alternate Domain Names ................................................................ 51 Adding an Alternate Domain Name ................................................................................. 51 Choosing the Price Class for a CloudFront Distribution ............................................................... 54 Using CloudFront with Amazon S3 .......................................................................................... 54 Adding CloudFront When You're Distributing Content from Amazon S3 .................................. 55 Moving an Amazon S3 Bucket to a Different Region ........................................................... 56 Changes to the CloudFront API .............................................................................................. 56 Working with Web Distributions ...................................................................................................... 58 Task List for Creating a Web Distribution .................................................................................. 58 Creating or Updating a Web Distribution Using the CloudFront Console ......................................... 59 Testing Your Web Distribution ................................................................................................. 60 Using Amazon S3 Origins and Custom Origins for Web Distributions ............................................ 61 Using Amazon S3 Buckets for Your Origin ........................................................................ 61 Using Amazon EC2 or Other Custom Origins .................................................................... 62 Values that You Specify When You Create or Update a Web Distribution ........................................ 63 Delivery Method .......................................................................................................... 64 API Version 2016-08-01 iii Amazon CloudFront Developer Guide Origin Settings ............................................................................................................ 64 Cache Behavior Settings ............................................................................................... 68 Distribution Details ....................................................................................................... 75 Custom Error Pages and Error Caching ........................................................................... 79 Restrictions ................................................................................................................ 79 Values that CloudFront Displays in the Console When You Create or Update a Web Distribution ........ 80 Distribution ID (General Tab) .......................................................................................... 80 Distribution Status (General Tab) .................................................................................... 80 Last Modified (General Tab) ........................................................................................... 81 Domain Name (General Tab) ......................................................................................... 81 Requirements and Recommendations for Using Amazon EC2 and Other Custom Origins ................ 81 Using AWS WAF to Control Access to Your Content ................................................................... 82 Restricting the Geographic Distribution of Your Content .............................................................. 82 Using CloudFront Geo Restriction ................................................................................... 83 Using a Third-Party Geolocation Service .......................................................................... 84 Configuring On-Demand Smooth Streaming ............................................................................. 85 Configuring On-Demand Progressive Downloads ...................................................................... 86 Configuring On-Demand Apple HTTP Live Streaming (HLS) ....................................................... 86 Working with RTMP Distributions .................................................................................................... 87 How RTMP Distributions Work ............................................................................................... 87 Task List for Streaming Media Files Using RTMP ....................................................................... 89 Creating an RTMP Distribution Using the CloudFront Console ..................................................... 90 Values that You Specify When You Create or Update an RTMP Distribution .................................... 90 Origin Domain Name (Amazon S3 Bucket) ....................................................................... 91 Restrict Bucket Access (Amazon S3 Only) ....................................................................... 92 Origin Access Identity (Amazon S3 Only) ......................................................................... 92 Comment for New Identity(Amazon S3 Only) .................................................................... 92 Your Identities (Amazon S3 Only) ................................................................................... 92 Grant Read Permissions on Bucket (Amazon S3 Only) ....................................................... 92 Price Class ................................................................................................................. 92 Alternate Domain Names (CNAMEs) ............................................................................... 93 Logging ..................................................................................................................... 93 Bucket for Logs ........................................................................................................... 93 Log Prefix ................................................................................................................... 93 Comment ................................................................................................................... 93 Distribution State ......................................................................................................... 93 Restrict Viewer Access (Use Signed URLs) ...................................................................... 94 Trusted Signers ........................................................................................................... 94 AWS Account Numbers ................................................................................................ 94 Values that CloudFront Displays in the Console When You Create or Update an RTMP Distribution ......................................................................................................................... 95 Distribution ID ............................................................................................................. 95 Status ........................................................................................................................ 95 Last Modified .............................................................................................................. 95 Domain Name ............................................................................................................. 95 Configuring the Media Player ................................................................................................. 96 MPEG Files ................................................................................................................ 96 Using an Amazon S3 Bucket as the Origin for an RTMP Distribution ............................................. 96 Creating Multiple RTMP Distributions for an Origin Server ........................................................... 97 Restricting Access Using Crossdomain.xml .............................................................................. 97 Error Codes for RTMP Distributions ........................................................................................ 98 Troubleshooting RTMP Distributions ........................................................................................ 98 Working with Objects .................................................................................................................... 99 Format of URLs for CloudFront Objects ................................................................................... 99 Format of Public URLs for Objects in Amazon S3 ............................................................ 100 Format of Public URLs for Objects in a Custom Origin ...................................................... 101 How Public URLs Affect the Invalidation of Directories ...................................................... 101 Format of Signed URLs ............................................................................................... 101 API Version 2016-08-01 iv Amazon CloudFront Developer Guide How CloudFront Processes HTTP and HTTPS Requests .......................................................... Increasing the Proportion of Requests that Are Served from CloudFront Edge Caches ................... Specifying How Long CloudFront Caches Your Objects ..................................................... Caching Based on Query String Parameters ................................................................... Caching Based on Cookie Values ................................................................................. Caching Based on Request Headers ............................................................................. Serving Media Content by Using HTTP .......................................................................... Configuring CloudFront to Cache Based on Query String Parameters ......................................... Query String Parameters and Web Distributions .............................................................. Query String Parameters and RTMP Distributions ............................................................ Configuring CloudFront to Cache Objects Based on Cookies ..................................................... Configuring CloudFront to Cache Objects Based on Request Headers ........................................ Headers and Web Distributions .................................................................................... Headers and RTMP Distributions .................................................................................. Forwarding Custom Headers to Your Origin (Web Distributions Only) ........................................... Configuring CloudFront to Forward Custom Headers to Your Origin ..................................... Custom Headers that CloudFront Can't Forward to Your Origin ........................................... Using Custom Headers for Cross-Origin Resource Sharing (CORS) ................................... Using Custom Headers to Restrict Access to Your Content on a Custom Origin ..................... Adding, Removing, or Replacing Objects in a Distribution .......................................................... Adding Objects that You Want CloudFront to Distribute ..................................................... Updating Existing Objects Using Versioned Object Names ................................................ Updating Existing Objects Using the Same Object Names ................................................. Specifying How Long Objects Stay in a CloudFront Edge Cache (Expiration) ........................ Invalidating Objects (Web Distributions Only) .................................................................. Customizing Error Responses .............................................................................................. Creating or Updating a Cache Behavior for Custom Error Pages ........................................ Changing Response Codes ......................................................................................... Controlling How Long CloudFront Caches Errors ............................................................. How CloudFront Responds When a Custom Error Page Is Unavailable ................................ Pricing for Custom Error Pages .................................................................................... Configuring Error Response Behavior ............................................................................ How CloudFront Processes Partial Requests for an Object (Range GETs) ................................... Specifying a Default Root Object (Web Distributions Only) ........................................................ Serving Compressed Files ................................................................................................... Using CloudFront to Compress Your Content ................................................................... Using a Custom Origin to Compress Your Content ........................................................... Request and Response Behavior .................................................................................................. Request and Response Behavior for Amazon S3 Origins .......................................................... How CloudFront Processes and Forwards Requests to Your Amazon S3 Origin Server ........... How CloudFront Processes Responses from Your Amazon S3 Origin Server ........................ Request and Response Behavior for Custom Origins ............................................................... How CloudFront Processes and Forwards Requests to Your Custom Origin Server ................ How CloudFront Processes Responses from Your Custom Origin Server ............................. How CloudFront Processes HTTP 3xx Status Codes from Your Origin ......................................... How CloudFront Processes and Caches HTTP 4xx and 5xx Status Codes from Your Origin ............ How CloudFront Processes Errors When You Have Configured Custom Error Pages .............. How CloudFront Processes Errors When You Have Not Configured Custom Error Pages ........ HTTP 4xx and 5xx Status Codes that CloudFront Caches ................................................. Serving Private Content through CloudFront ................................................................................... Overview of Private Content ................................................................................................. Restricting Access to Objects in CloudFront Edge Caches ................................................ Restricting Access to Objects in Amazon S3 Buckets ....................................................... Using an HTTP Server for Private Content .............................................................................. Task List: Serving Private Content ......................................................................................... Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content ............................ Creating a CloudFront Origin Access Identity and Adding it to Your Distribution ..................... API Version 2016-08-01 v 102 102 102 103 103 104 104 105 105 106 106 108 108 112 112 112 113 113 113 114 114 115 115 116 121 127 129 129 129 130 130 131 132 132 135 135 137 139 139 139 144 145 146 155 158 158 158 160 161 162 162 163 163 164 165 166 166 Amazon CloudFront Developer Guide Granting the Origin Access Identity Permission to Read Objects in Your Amazon S3 Bucket ..................................................................................................................... Using an Origin Access Identity in Amazon S3 Regions that Support Only Signature Version 4 Authentication ......................................................................................................... Specifying the AWS Accounts That Can Create Signed URLs and Signed Cookies (Trusted Signers) ........................................................................................................................... Creating CloudFront Key Pairs for Your Trusted Signers ..................................................... Reformatting the CloudFront Private Key (.NET and Java Only) .......................................... Adding Trusted Signers to Your Distribution ..................................................................... Verifying that Trusted Signers Are Active (Optional) .......................................................... Rotating CloudFront Key Pairs ...................................................................................... Choosing Between Signed URLs and Signed Cookies .............................................................. Using Both Signed URLs and Signed Cookies ................................................................ Using Signed URLs ............................................................................................................ Choosing Between Canned and Custom Policies for Signed URLs ..................................... How Signed URLs Work .............................................................................................. Choosing How Long Signed URLs Are Valid ................................................................... When Does CloudFront Check the Expiration Date and Time in a Signed URL? .................... Sample Code and Third-Party Tools .............................................................................. Creating a Signed URL Using a Canned Policy ............................................................... Creating a Signed URL Using a Custom Policy ................................................................ Using Signed Cookies ......................................................................................................... Choosing Between Canned and Custom Policies for Signed Cookies .................................. How Signed Cookies Work .......................................................................................... Preventing Misuse of Signed Cookies ............................................................................ When Does CloudFront Check the Expiration Date and Time in a Signed Cookie? ................. Sample Code and Third-Party Tools .............................................................................. Setting Signed Cookies Using a Canned Policy ............................................................... Setting Signed Cookies Using a Custom Policy ............................................................... Using a Linux Command and OpenSSL for Base64-Encoding and Encryption .............................. Code Examples for Creating a Signature for a Signed URL ....................................................... Create a URL Signature Using Perl ............................................................................... Create a URL Signature Using PHP .............................................................................. Create a URL Signature Using C# and the .NET Framework .............................................. Create a URL Signature Using Java .............................................................................. Using an HTTPS Connection to Access Your Objects ....................................................................... How CloudFront Works with HTTPS Connections .................................................................... How to Require HTTPS for Communication between Viewers, CloudFront, and Your Origin ............. Supported Protocols and Ciphers ......................................................................................... Using Alternate Domain Names and HTTPS ........................................................................... Choosing How CloudFront Serves HTTPS Requests ........................................................ Requirements and Limits on Using SSL/TLS Certificates with CloudFront ............................ To use alternate domain names with HTTPS ................................................................... Determining the Size of the Public Key in an SSL/TLS Certificate ....................................... Rotating SSL/TLS Certificates ...................................................................................... Reverting from a Custom SSL/TLS Certificate to the Default CloudFront Certificate ............... Switching from a Custom SSL/TLS Certificate with Dedicated IP Addresses to SNI ............... Charges for HTTPS Connections .......................................................................................... Authentication and Access Control ................................................................................................ Authentication ................................................................................................................... Access Control .................................................................................................................. Overview of Managing Access ............................................................................................. ARNs for CloudFront Resources ................................................................................... Understanding Resource Ownership ............................................................................. Managing Access to Resources .................................................................................... Specifying Policy Elements: Resources, Actions, Effects, and Principals .............................. Specifying Conditions in a Policy ................................................................................... Using IAM Policies for CloudFront ......................................................................................... API Version 2016-08-01 vi 168 170 171 172 173 174 176 176 178 178 179 179 180 180 181 181 182 189 198 198 198 199 200 200 200 205 213 214 214 216 218 226 229 230 230 233 234 234 236 238 239 240 241 241 242 243 243 244 245 245 245 246 247 247 248 Amazon CloudFront Developer Guide Permissions Required to Use the CloudFront Console ...................................................... AWS Managed (Predefined) Policies for CloudFront ......................................................... Customer Managed Policy Examples ............................................................................. CloudFront API Permissions Reference ................................................................................. Required Permissions for Actions on Web Distributions ..................................................... Required Permissions for Actions on RTMP Distributions .................................................. Required Permissions for Actions on Invalidations ........................................................... Required Permissions for Actions on Origin Access Identities ............................................ Required Permissions for Actions on Tags ...................................................................... Access Logs ............................................................................................................................. How Logging Works ........................................................................................................... Choosing an Amazon S3 Bucket for Your Access Logs ............................................................. Amazon S3 Permissions Required to Access Your Log Files ...................................................... File Name Format .............................................................................................................. Timing of Log File Delivery .................................................................................................. Analyzing Access Logs ....................................................................................................... Editing Your Logging Settings ............................................................................................... Deleting Log Files from an Amazon S3 Bucket ........................................................................ Log File Format ................................................................................................................. Web Distribution Log File Format .................................................................................. RTMP Distribution Log File Format ................................................................................ Charges for Access Logs ..................................................................................................... Monitoring CloudFront Activity Using CloudWatch ............................................................................ Downloading Data in CSV Format ......................................................................................... Information About the Report ....................................................................................... Data in the CloudWatch Metrics Report ......................................................................... Capturing API Requests with CloudTrail ......................................................................................... CloudFront Information in CloudTrail Log Files ......................................................................... Understanding CloudFront Log File Entries ............................................................................. Tagging Amazon CloudFront Distributions ...................................................................................... Tag Restrictions ................................................................................................................. Adding, Editing, and Deleting Tags for Distributions .................................................................. Troubleshooting ......................................................................................................................... I can't view the files in my web distribution. ............................................................................. Did you sign up for both CloudFront and Amazon S3? ...................................................... Are your Amazon S3 bucket and object permissions set correctly? ..................................... Is your alternate domain name (CNAME) correctly configured? .......................................... Are you referencing the correct URL for your CloudFront distribution? ................................. Do you need help troubleshooting a custom origin? .......................................................... I can't view the files in my RTMP distribution. .......................................................................... Error Message: Certificate:is being used by CloudFront. ...................................... Load Testing CloudFront .............................................................................................................. Streaming Tutorials ..................................................................................................................... Live Streaming .................................................................................................................. On-Demand Streaming ....................................................................................................... RTMP Streaming ............................................................................................................... Live HTTP Streaming Using CloudFront and Adobe Media Server 5.0 ......................................... Overview .................................................................................................................. Steps to Configure Live Streaming ................................................................................ Creating an Amazon Web Services Account ................................................................... Creating an Amazon EC2 Key Pair ................................................................................ Subscribing to Adobe Media Server .............................................................................. Creating an AWS CloudFormation Stack for Live Streaming .............................................. Verifying that Adobe Media Server Is Running ................................................................. Setting Up Adobe Flash Media Live Encoder to Publish a Live Stream ................................ Embedding Strobe Media Playback for an Amazon CloudFront Live HTTP Stream in a Web Application ................................................................................................................ Deleting an AWS CloudFormation Stack and an Amazon EBS Volume for Live Streaming ....... API Version 2016-08-01 vii 248 250 250 253 253 254 255 255 255 256 256 257 258 258 258 259 259 260 260 261 267 269 270 271 272 272 274 274 275 280 281 281 282 282 282 282 283 283 283 284 284 285 286 286 286 286 286 287 288 288 288 289 290 291 292 295 296 Amazon CloudFront Developer Guide Frequently Asked Questions ........................................................................................ Additional Documentation ............................................................................................ Live Smooth Streaming Using Amazon CloudFront and IIS Media Services 4.1 ............................. Overview of Live Smooth Streaming with Amazon Web Services ........................................ Creating an Amazon Web Services Account ................................................................... Creating an Amazon EC2 Key Pair ................................................................................ Creating an AWS CloudFormation Stack for Live Smooth Streaming ................................... Verifying that Your Amazon EC2 Windows Server Instance Is Running ................................. Getting Your Windows Password ................................................................................... Encoding Your Live Stream .......................................................................................... Viewing Your Live Smooth Stream ................................................................................. Deleting Your AWS CloudFormation Live Smooth Streaming Stack ..................................... Frequently Asked Questions ........................................................................................ Additional Documentation ............................................................................................ Live Streaming with Wowza Streaming Engine 4.2 ................................................................... Creating an Amazon Web Services Account ................................................................... Creating an Amazon EC2 Key Pair ................................................................................ Getting a License for Wowza Streaming Engine 4.2 ......................................................... Subscribing to Wowza Streaming Engine 4.2 through AWS Marketplace .............................. Creating an AWS CloudFormation Stack for Live Streaming .............................................. Verifying that Wowza Streaming Engine 4.2 Is Running .................................................... Setting Up an Encoder to Publish a Live Stream .............................................................. Playing the Live Stream in a Web Application .................................................................. Deleting an AWS CloudFormation Stack for Live Streaming ............................................... Frequently Asked Questions ........................................................................................ Additional Documentation ............................................................................................ Live HTTP Streaming Using CloudFront and Any HTTP Origin ................................................... Creating a New CloudFront Distribution for Live Streaming ................................................ Configuring Web Players to Play the Live Stream ............................................................. (Optional) Deleting an AWS CloudFormation Stack for Live Streaming ................................ On-Demand Media Streaming with Unified Streaming .............................................................. Creating an Amazon Web Services Account ................................................................... Creating an Amazon EC2 Key Pair ................................................................................ Subscribing to Unified Streaming .................................................................................. Creating an AWS CloudFormation Stack for On-Demand Streaming ................................... Verifying that Unified Streaming Server Is Running .......................................................... Uploading Your Media Files to Amazon S3 ..................................................................... Playing the On-Demand Stream In a Test Web Application ................................................ Deleting the AWS CloudFormation Stack and Amazon S3 Bucket for On-Demand Streaming ................................................................................................................. Frequently Asked Questions ........................................................................................ Additional Documentation ............................................................................................ On-Demand Video Streaming Using CloudFront and Adobe Flash Player ..................................... Creating an Amazon S3 Bucket .................................................................................... Creating CloudFront Web and RTMP Distributions ........................................................... Creating a Flash Project Using Adobe Flash Builder ......................................................... Uploading Media and Flash Builder Files to an Amazon S3 Bucket ..................................... Playing the Media File ................................................................................................. On-Demand Video Streaming Using CloudFront and Flowplayer for Adobe Flash .......................... Uploading Media and Flowplayer Files to an Amazon S3 Bucket ........................................ Creating CloudFront Web and RTMP Distributions ........................................................... Embedding Video in an HTML Page .............................................................................. On-Demand Video Streaming Using CloudFront and JW Player ................................................. Uploading Media and JW Player Files to an Amazon S3 Bucket ......................................... Creating CloudFront Web and RTMP Distributions ........................................................... Embedding Video in a Web Page .................................................................................. Uploading the HTML File and Playing the Video .............................................................. Limits ....................................................................................................................................... API Version 2016-08-01 viii 297 303 304 304 305 305 306 309 309 310 311 311 311 313 314 314 315 315 315 316 318 318 319 321 321 322 324 324 325 325 325 326 327 327 328 330 330 331 333 334 336 338 338 338 340 341 342 343 343 344 345 348 348 349 350 352 353 Amazon CloudFront Developer Guide Resources ................................................................................................................................ Additional Amazon CloudFront Documentation ........................................................................ Getting Support ................................................................................................................. CloudFront Developer Tools and SDKs ................................................................................... Using CloudFront Logging ................................................................................................... Additional Tips from the Amazon Web Services Blog ................................................................ Invalidating Objects ............................................................................................................ Distributing Streaming Media ............................................................................................... Tools and Code Examples for Configuring Private Content ........................................................ Using CloudFront with a Content Management System ............................................................. Document History ...................................................................................................................... AWS Glossary ........................................................................................................................... API Version 2016-08-01 ix 355 355 356 356 356 356 357 357 357 358 359 373 Amazon CloudFront Developer Guide What Is Amazon CloudFront? Topics • How CloudFront Delivers Content (p. 4) • Locations and IP Address Ranges of CloudFront Edge Servers (p. 6) • PCI DSS Compliance (p. 6) CloudFront is a web service that speeds up distribution of your static and dynamic web content, for example, .html, .css, .php, and image files, to end users. CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you're serving with CloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so content is delivered with the best possible performance. If the content is already in the edge location with the lowest latency, CloudFront delivers it immediately. If the content is not currently in that edge location, CloudFront retrieves it from an Amazon S3 bucket or an HTTP server (for example, a web server) that you have identified as the source for the definitive version of your content. This concept is best illustrated by an example. Suppose you're serving the following image from a traditional web server, not from CloudFront: API Version 2016-08-01 1 Amazon CloudFront Developer Guide (The image is owned by NASA and comes from the Visible Earth website, http://visibleearth.nasa.gov/.) You're serving the image using the URL http://example.com/globe_west_540.png. Your users can easily navigate to this URL and see the image, but they probably don't know that their request was routed from one network to another—through the complex collection of interconnected networks that comprise the Internet—until the image was found. Further suppose that the web server from which you're serving the image is in Seattle, Washington, USA, and that a user in Austin, Texas, USA requests the image. The traceroute list below (courtesy of www.WatchMouse.com) shows one way that this request could be routed. API Version 2016-08-01 2 Amazon CloudFront Developer Guide In this example, the request was routed 10 times within the United States before the image was retrieved, which is not an unusually large number of hops. If your user were in Europe, the request would be routed through even more networks to reach your server in Seattle. The number of networks and the distance that the request and the image must travel have a significant impact on the performance, reliability, and availability of the image. CloudFront speeds up the distribution of your content by routing each user request to the edge location that can best serve your content. Typically, this is the CloudFront edge location that provides the lowest latency. This dramatically reduces the number of networks that your users' requests must pass through, which improves performance. Users get lower latency—the time it takes to load the first byte of the object—and higher data transfer rates. You also get increased reliability and availability because copies of your objects are now held in multiple edge locations around the world. API Version 2016-08-01 3 Amazon CloudFront Developer Guide How CloudFront Delivers Content For a list of the locations of CloudFront edge servers, see The Amazon CloudFront Global Edge Network on the CloudFront Product Details page. How CloudFront Delivers Content After some initial setup, CloudFront works invisibly to speed up delivery of your content. This overview includes both the steps you perform before your first user accesses your application or website and how CloudFront serves your content when configuration is complete. Setting up CloudFront involves a few simple steps: How You Configure CloudFront to Deliver Your Content 1. You configure your origin servers, from which CloudFront gets your files for distribution from CloudFront edge locations all over the world. An origin server stores the original, definitive version of your objects. If you're serving content over HTTP, your origin server is either an Amazon S3 bucket or an HTTP server, such as a web server. Your HTTP server can be running on an Amazon Elastic Compute Cloud (Amazon EC2) instance or on a server that you manage; these servers are also known as custom origins. 2. 3. 4. 5. If you're distributing media files on demand using the Adobe Media Server RTMP protocol, your origin server is always an Amazon S3 bucket. You upload your files to your origin servers. Your files, also known as objects, typically include web pages, images, and media files, but can be anything that can be served over HTTP or a supported version of Adobe RTMP, the protocol used by Adobe Flash Media Server. If you're using an Amazon S3 bucket as an origin server, you can make the objects in your bucket publicly readable, so anyone who knows the CloudFront URLs for your objects can access them. You also have the option of keeping objects private and controlling who accesses them. See Serving Private Content through CloudFront (p. 162). You create a CloudFront distribution, which tells CloudFront which origin servers to get your files from when users request the files through your web site or application. At the same time, you specify details such as whether you want CloudFront to log all requests and whether you want the distribution to be enabled as soon as it's created. CloudFront sends your distribution's configuration (but not your content) to all of its edge locations—collections of servers in geographically dispersed data centers where CloudFront caches copies of your objects. As you develop your website or application, you use the domain name that CloudFront provides for your URLs. For example, if CloudFront returns d111111abcdef8.cloudfront.net as the domain name for your distribution, the URL for logo.jpg in your Amazon S3 bucket (or in the root directory on an HTTP server) will be http://d111111abcdef8.cloudfront.net/logo.jpg. You can also configure your CloudFront distribution so you can use your own domain name. In that case, the URL might be http://www.example.com/logo.jpg. 6. Optionally, you can configure your origin server to add headers to the files; the headers indicate how long you want the files to stay in the cache in CloudFront edge locations. By default, each object stays in an edge location for 24 hours before it expires. The minimum expiration time is 0 seconds; there isn't a maximum expiration time limit. For more information, see Specifying How Long Objects Stay in a CloudFront Edge Cache (Expiration) (p. 116). API Version 2016-08-01 4 Amazon CloudFront Developer Guide How CloudFront Delivers Content How CloudFront Delivers Content to Your Users Once you configure CloudFront to deliver your content, here's what happens when users request your objects: 1. 2. 3. A user accesses your website or application and requests one or more objects, such as an image file and an HTML file. DNS routes the request to the CloudFront edge location that can best serve the user's request, typically the nearest CloudFront edge location in terms of latency, and routes the request to that edge location. In the edge location, CloudFront checks its cache for the requested files. If the files are in the cache, CloudFront returns them to the user. If the files are not in the cache, it does the following: a. b. c. 4. CloudFront compares the request with the specifications in your distribution and forwards the request for the files to the applicable origin server for the corresponding file type—for example, to your Amazon S3 bucket for image files and to your HTTP server for the HTML files. The origin servers send the files back to the CloudFront edge location. As soon as the first byte arrives from the origin, CloudFront begins to forward the files to the user. CloudFront also adds the files to the cache in the edge location for the next time someone requests those files. After an object has been in an edge cache for 24 hours or for the duration specified in your file headers, CloudFront does the following: API Version 2016-08-01 5 Amazon CloudFront Developer Guide Locations and IP Address Ranges of CloudFront Edge Servers a. b. CloudFront forwards the next request for the object to your origin to determine whether the edge location has the latest version. If the version in the edge location is the latest, CloudFront delivers it to your user. If the version in the edge location is not the latest, your origin sends the latest version to CloudFront, and CloudFront delivers the object to your user and stores the latest version in the cache at that edge location. Locations and IP Address Ranges of CloudFront Edge Servers For a list of the locations of CloudFront edge servers, see The Amazon CloudFront Edge Network on the Amazon CloudFront detail page. Amazon Web Services (AWS) publishes its current IP address ranges in JSON format. To view the current ranges, download ip-ranges.json. For more information, see AWS IP Address Ranges in the Amazon Web Services General Reference. To find the IP address ranges that are associated with CloudFront edge servers, search ip-ranges.json for the following string: "service": "CLOUDFRONT" PCI DSS Compliance CloudFront supports the processing, storage, and transmission of credit card data by a merchant or service provider, and has been validated as being compliant with Payment Card Industry (PCI) Data API Version 2016-08-01 6 Amazon CloudFront Developer Guide PCI DSS Compliance Security Standard (DSS). For more information about PCI DSS, including how to request a copy of the AWS PCI Compliance Package, see PCI DSS Level 1. As a security best practice we recommend that you don't cache credit card information in CloudFront edge caches. For example, you can configure your origin to include a Cache-Control:no-cache="field-name" header in responses that contain credit card information such as the last four digits of a credit card number and the card owner's contact information. API Version 2016-08-01 7 Amazon CloudFront Developer Guide AWS Billing and Usage Reports for CloudFront Amazon CloudFront is designed so you don't have to pay any up-front fees or commit to how much content you'll have. As with the other AWS services, you pay as you go and pay only for what you use. The following diagram and table summarize the charges to use CloudFront. API Version 2016-08-01 8 Amazon CloudFront Developer Guide Your monthly bill from AWS separates your usage and dollar amounts by AWS service and function. The following table lists the charges that are illustrated in the previous graphic. Charge Comments Storage in an Amazon S3 bucket You pay normal Amazon S3 storage charges to store objects in your bucket; the charges appear in the Amazon S3 portion of your AWS statement. Serving objects from edge loc- You incur CloudFront charges when CloudFront responds to reations quests for your objects. These charges are lower than the corresponding Amazon S3 charges. The CloudFront charges appear in the CloudFront portion of your AWS statement. For more information, see Amazon CloudFront Pricing. Submitting data to your origin You incur CloudFront charges when users transfer data to your origin, which includes DELETE, OPTIONS, PATCH, POST, and PUT requests. The CloudFront charges appear in the CloudFront portion of your AWS statement. For more information, see Amazon CloudFront Pricing. API Version 2016-08-01 9 Amazon CloudFront Developer Guide AWS Billing Report for CloudFront Note You also incur a surcharge for HTTPS requests. For more information, see Amazon CloudFront Pricing. AWS provides two usage reports for CloudFront: • The billing report is a high-level view of all of the activity for the AWS services that you're using, including CloudFront. For more information, see AWS Billing Report for CloudFront (p. 10). • The usage report is a summary of activity for a specific service, aggregated by hour, day, or month. For more information, see AWS Usage Report for CloudFront (p. 11). In addition, you can view usage charts that provide a graphical representation of your CloudFront usage. For more information, see CloudFront Usage Reports (p. 25). AWS Billing Report for CloudFront You can view a summary of your AWS usage and charges, listed by service, on the Bills page in the AWS Management Console. You can also download a more detailed version of the report in CSV format. The detailed billing report includes the following values that are applicable to CloudFront: • ProductCode — AmazonCloudFront • UsageType — One of the following values • A code that identifies the type of data transfer • Invalidations • SSL-Cert-Custom For more information, see Interpreting Your AWS Bill and the AWS Usage Report for CloudFront (p. 12). • ItemDescription — A description of the billing rate for the UsageType. • Usage Start Date/Usage End Date — The day that the usage applies to, in Coordinated Universal Time (UTC). • Usage Quantity — One of the following values: • The number of requests during the specified time period • The amount of data transferred in gigabytes • The number of objects invalidated • The sum of the prorated months that you had SSL certificates associated with enabled CloudFront distributions. For example, if you have one certificate associated with an enabled distribution for an entire month and another certificate associated with an enabled distribution for half of the month, this value will be 1.5. To display summary billing information and download the detailed billing report 1. Sign in to the AWS Management Console at https://console.aws.amazon.com/console/home. 2. 3. 4. In the title bar, click your IAM user name, and click Billing & Cost Management. In the navigation pane, click Bills. To view summary information for CloudFront, under Details, click CloudFront. 5. To download a detailed billing report in CSV format, click Download CSV, and follow the on-screen prompts to save the report. API Version 2016-08-01 10 Amazon CloudFront Developer Guide AWS Usage Report for CloudFront AWS Usage Report for CloudFront AWS provides a CloudFront usage report that is more detailed than the billing report but less detailed than CloudFront access logs. The usage report provides aggregate usage data by hour, day, or month; and it lists operations by region and usage type, such as data transferred out of the Australia region. The CloudFront usage report includes the following values: • Service — AmazonCloudFront • Operation — HTTP method. Values include DELETE, GET, HEAD, OPTIONS, PATCH, POST, and PUT. • UsageType — One of the following values • A code that identifies the type of data transfer • Invalidations • SSL-Cert-Custom For more information, see Interpreting Your AWS Bill and the AWS Usage Report for CloudFront (p. 12). • Resource — Either the ID of the CloudFront distribution associated with the usage or the certificate ID of an SSL certificate that you have associated with a CloudFront distribution. • StartTime/EndTime — The day that the usage applies to, in Coordinated Universal Time (UTC). • UsageValue — (1) The number of requests during the specified time period or (2) the amount of data transferred in bytes. If you're using Amazon S3 as the origin for CloudFront, consider running the usage report for Amazon S3, too. However, if you use Amazon S3 for purposes other than as an origin for your CloudFront distributions, it might not be clear what portion applies to your CloudFront usage. Tip For detailed information about every request that CloudFront receives for your objects, turn on CloudFront access logs for your distribution. For more information, see Access Logs (p. 256). To download the usage report for CloudFront or Amazon S3 1. 2. 3. 4. 5. 6. Sign in to the AWS Management Console at https://console.aws.amazon.com/console/home. In the title bar, click your IAM user name, and click Billing & Cost Management. In the navigation pane, click Reports. Under AWS Usage Report, click AWS Usage Report. In the Service list, click CloudFront or Amazon Simple Storage Service. Select the applicable settings: • Usage Types — For a detailed explanation of CloudFront usage types, see the section called “Interpreting Your AWS Bill and the AWS Usage Report for CloudFront” (p. 12). For Amazon S3, select All Usage Types. • Operation — Select All Operations. • Time Period — Select the time period that you want the report to cover. • Report Granularity — Select whether you want the report to include subtotals by the hour, by the day, or by the month. 7. 8. Click the download button for the desired format. Follow the on-screen prompts to view or save the report. API Version 2016-08-01 11 Amazon CloudFront Developer Guide Interpreting Your AWS Bill and the AWS Usage Report for CloudFront Interpreting Your AWS Bill and the AWS Usage Report for CloudFront Your AWS bill for CloudFront service includes codes and abbreviations that might not be immediately obvious. The first column in the following table lists items that appear in your bill and explains what each means. In addition, you can get an AWS usage report for CloudFront that contains more detail than the AWS bill for CloudFront. The second column in the table lists items that appear in the usage report and shows the correlation between bill items and usage report items. Most codes in both columns include a two-letter abbreviation that indicates the location of the activity. In the following table, region in a code is replaced by one of the following two-letter abbreviations in your AWS bill and in the usage report: • • • • • • • • AP: Hong Kong, Philippines, South Korea, Singapore, and Taiwan (Asia Pacific) AU: Australia CA: Canada EU: Europe IN: India JP: Japan SA: South America US: United States For more information about pricing by region, see Amazon CloudFront Pricing. Note This table doesn't include charges for transferring your objects from an Amazon S3 bucket to CloudFront edge locations. These charges, if any, appear in the AWS Data Transfer portion of your AWS bill. API Version 2016-08-01 12 Amazon CloudFront Developer Guide Interpreting Your AWS Bill and the AWS Usage Report for CloudFront Items in Your CloudFront Bill Values in the Usage Type Column in the CloudFront Usage Report region-DataTransfer-Out-Bytes Web distributions: Sum of bytes that CloudFront served for • region-Out-Bytes-HTTP-Static: Bytes served via HTTP web and RTMP distributions: for objects with TTL ≥ 3600 seconds • region-Out-Bytes-HTTPS-Static: Bytes served via HT• Web distributions: Total bytes TPS for objects with TTL ≥ 3600 seconds served from CloudFront edge loca• region-Out-Bytes-HTTP-Dynamic: Bytes served via tions in region in response to user HTTP for objects with TTL < 3600 seconds GET and HEAD requests • region-Out-Bytes-HTTPS-Dynamic: Bytes served via • RTMP distributions: Total bytes HTTPS for objects with TTL < 3600 seconds transferred from CloudFront edge locations in region to end users • region-Out-Bytes-HTTP-Proxy: Bytes returned from CloudFront to viewers via HTTP in response to DELETE, OPTIONS, PATCH, POST, and PUT requests. • region-Out-Bytes-HTTPS-Proxy: Bytes returned from CloudFront to viewers via HTTPS in response to DELETE, OPTIONS, PATCH, POST, and PUT requests. RTMP distributions: • region-FMS-Out-Bytes region-DataTransfer-Out-OBytes region-Out-OBytes-HTTP-Proxy Web distributions only: Total bytes transferred from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests. Total bytes transferred via HTTP from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests. region-Out-OBytes-HTTPS-Proxy Total bytes transferred via HTTPS from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests. region-Requests-Tier1 region-Requests-HTTP-Static Web distributions only: Number of HTTP GET and HEAD requests Number of HTTP GET and HEAD requests served for objects with TTL ≥ 3600 seconds region-Requests-HTTP-Dynamic Number of HTTP GET and HEAD requests served for objects with TTL < 3600 seconds region-Requests-Tier2-HTTPS region-Requests-HTTPS-Static Web distributions only: Number of HTTPS GET and HEAD requests Number of HTTPS GET and HEAD requests served for objects with TTL ≥ 3600 seconds region-Requests-HTTPS-Dynamic Number of HTTPS GET and HEAD requests served for objects with TTL < 3600 seconds API Version 2016-08-01 13 Amazon CloudFront Developer Guide Interpreting Your AWS Bill and the AWS Usage Report for CloudFront Items in Your CloudFront Bill Values in the Usage Type Column in the CloudFront Usage Report region-Requests-HTTP-Proxy region-Requests-HTTP-Proxy Web distributions only: Number of Same as the corresponding item in your CloudFront bill HTTP DELETE, OPTIONS, PATCH, POST, and PUT requests that CloudFront forwards to your origin region-Requests-HTTPS-Proxy region-Requests-HTTPS-Proxy Web distributions only: Number of Same as the corresponding item in your CloudFront bill HTTPS DELETE, OPTIONS, PATCH, POST, and PUT requests that CloudFront forwards to your origin Invalidations Invalidations Web distributions only: The charge for Same as the corresponding item in your CloudFront bill invalidating objects (removing the objects from CloudFront edge locations); for more information, see Paying for Object Invalidation (p. 127) SSL-Cert-Custom SSL-Cert-Custom Web distributions only: The charge for Same as the corresponding item in your CloudFront bill using an SSL certificate with a CloudFront alternate domain name such as example.com instead of using the default CloudFront SSL certificate and the domain name that CloudFront assigned to your distribution API Version 2016-08-01 14 Amazon CloudFront Developer Guide CloudFront Reports The CloudFront console includes a variety of reports: • • • • • CloudFront Cache Statistics Reports (p. 15) CloudFront Popular Objects Report (p. 15) CloudFront Top Referrers Report (p. 16) CloudFront Usage Reports (p. 16) CloudFront Viewers Reports (p. 16) Most of these reports are based on the data in CloudFront access logs, which contain detailed information about every user request that CloudFront receives. You don't need to enable access logs to view the reports. For more information, see Access Logs (p. 256). The CloudFront usage report is based on the AWS usage report for CloudFront, which also doesn't require any special configuration. For more information, see AWS Usage Report for CloudFront (p. 11). CloudFront Cache Statistics Reports The CloudFront cache statistics report includes the following information: • Total Requests – Shows the total number of requests for all HTTP status codes (for example, 200 or 404) and all methods (for example, GET, HEAD, or POST) • Percentage of Viewer Requests by Result Type – Shows hits, misses, and errors as a percentage of total viewer requests for the selected CloudFront distribution • Bytes Transferred to Viewers – Shows total bytes and bytes from misses • HTTP Status Codes – Shows viewer requests by HTTP status code • Percentage of GET Requests that Didn't Finish Downloading– Shows viewer GET requests that didn't finish downloading the requested object as a percentage of total requests For more information, see CloudFront Cache Statistics Reports (p. 16). CloudFront Popular Objects Report The CloudFront popular objects report lists the 50 most popular objects and statistics about those objects, including the number of requests for the object, the number of hits and misses, the hit ratio, the number of bytes served for misses, the total bytes served, the number of incomplete downloads, and the number of requests by HTTP status code (2xx, 3xx, 4xx, and 5xx). API Version 2016-08-01 15 Amazon CloudFront Developer Guide CloudFront Cache Statistics Reports For more information, see CloudFront Popular Objects Report (p. 20). CloudFront Top Referrers Report The CloudFront top referrers report includes the top 25 referrers, the number of requests from a referrer, and the number of requests from a referrer as a percentage of the total number of requests during the specified period. For more information, see CloudFront Top Referrers Report (p. 23). CloudFront Usage Reports The CloudFront usage reports include the following information: • Number of Requests – Shows the number of HTTP and HTTPS requests that CloudFront responds to from edge locations in the selected region during each time interval for the specified CloudFront distribution • Data Transferred by Protocol – Shows the total amount of data transferred over HTTP and HTTPS from CloudFront edge locations in the selected region during each time interval for the specified CloudFront distribution • Data Transferred by Destination– Shows the total amount of data transferred over HTTP and HTTPS from CloudFront edge locations in the selected region during each time interval for the specified CloudFront distribution For more information, see CloudFront Usage Reports (p. 25). CloudFront Viewers Reports The CloudFront viewers reports include the following information: • Devices – Shows the types of devices (for example, Desktop or Mobile) that your users use to access your content • Browsers – Shows the name (or the name and version) of the browsers that your users use most frequently to access your content, for example, Chrome or Firefox • Operating Systems – Shows the name (or the name and version) of the operating system that viewers run on most frequently when accessing your content, for example, Linux, Mac OS X, or Windows • Locations – Shows the locations, by country or by U.S. state/territory, of the viewers that access your content most frequently For more information, see CloudFront Viewers Reports (p. 29). CloudFront Cache Statistics Reports You can use the Amazon CloudFront console to display a graphical representation of statistics related to CloudFront edge locations. Data for these statistics are drawn from the same source as CloudFront access logs. You can display charts for a specified date range in the last 60 days, with data points every hour or every day. You can usually view data about requests that CloudFront received as recently as an hour ago, but data can occasionally be delayed by as much as 24 hours. Note You don't need to enable access logging to view cache statistics. API Version 2016-08-01 16 Amazon CloudFront Developer Guide Downloading Data in CSV Format To display CloudFront cache statistics 1. Sign in to the AWS Management Console and open the CloudFront console at https:// console.aws.amazon.com/cloudfront/. 2. 3. In the navigation pane, click Cache Statistics. In the CloudFront Cache Statistics Reports pane, for Start Date and End Date, select the date range for which you want to display cache statistics charts. Available ranges depend on the value that you select for Granularity: • Daily – To display charts with one data point per day, select any date range in the previous 60 days. • Hourly – To display charts with one data point every hour, select any date range of up to 14 days within the previous 60 days. 4. 5. 6. Dates and times are in Coordinated Universal Time (UTC). For Granularity, specify whether to display one data point per day or one data point per hour in the charts. If you specify a date range greater than 14 days, the option to specify one data point per hour is not available. For Viewer Location, choose the continent from which viewer requests originated, or choose All Locations. Cache statistics charts include data for requests that CloudFront received from the specified location. In the Distribution list, select the distributions for which you want to display data in the usage charts: • An individual web distribution – The charts display data for the selected CloudFront web distribution.The Distribution list displays the distribution ID and alternate domain names (CNAMEs) for the distribution, if any. If a distribution has no alternate domain names, the list includes origin domain names for the distribution. • All Web Distributions – The charts display summed data for all web distributions that are associated with the current AWS account, excluding web distributions that you have deleted. 7. 8. 9. Click Update. To view data for a daily or hourly data point within a chart, move your mouse pointer over the data point. For charts that show data transferred, note that you can change the vertical scale to gigabytes, megabytes, or kilobytes for each chart. Topics • Downloading Data in CSV Format (p. 17) • How Cache Statistics Charts Are Related to Data in the CloudFront Access Logs (p. 19) Downloading Data in CSV Format You can download the Cache Statistics report in CSV format. This section explains how to download the report and describes the values in the report. To download the Cache Statistics report in CSV format 1. 2. While viewing the Cache Statistics report, click CSV. In the Opening file name dialog box, choose whether to open or save the file. API Version 2016-08-01 17 Amazon CloudFront Developer Guide Downloading Data in CSV Format Information About the Report The first few rows of the report include the following information: Version The version of the format for this CSV file. Report The name of the report. DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. StartDateUTC The beginning of the date range for which you ran the report, in Coordinated Universal Time (UTC). EndDateUTC The end of the date range for which you ran the report, in Coordinated Universal Time (UTC). GeneratedTimeUTC The date and time on which you ran the report, in Coordinated Universal Time (UTC). Granularity Whether each row in the report represents one hour or one day. ViewerLocation The continent that viewer requests originated from, or ALL, if you chose to download the report for all locations. Data in the Cache Statistics Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. ViewerLocation The continent that viewer requests originated from, or ALL, if you chose to download the report for all locations. TimeBucket The hour or the day that data applies to, in Coordinated Universal Time (UTC). RequestCount The total number of requests for all HTTP status codes (for example, 200 or 404) and all methods (for example, GET, HEAD, or POST). HitCount The number of viewer requests for which the object is served from a CloudFront edge cache. MissCount The number of viewer requests for which the object isn't currently in an edge cache, so CloudFront must get the object from your origin. ErrorCount The number of viewer requests that resulted in an error, so CloudFront didn't serve the object. IncompleteDownloadCount The number of viewer requests for which the viewer started but didn't finish downloading the object. HTTP2xx The number of viewer requests for which the HTTP status code was a 2xx value (succeeded). API Version 2016-08-01 18 Amazon CloudFront Developer Guide How Cache Statistics Charts Are Related to Data in the CloudFront Access Logs HTTP3xx The number of viewer requests for which the HTTP status code was a 3xx value (additional action is required). HTTP4xx The number of viewer requests for which the HTTP status code was a 4xx value (client error). HTTP5xx The number of viewer requests for which the HTTP status code was a 5xx value (server error). TotalBytes The total number of bytes served to viewers by CloudFront in response to all requests for all HTTP methods. BytesFromMisses The number of bytes served to viewers for objects that were not in the applicable edge cache at the time of the request. This value is a good approximation of bytes transferred from your origin to CloudFront edge caches. However, it excludes requests for objects that are already in the edge cache but that have expired. How Cache Statistics Charts Are Related to Data in the CloudFront Access Logs The following table shows how cache statistics charts in the CloudFront console correspond with values in CloudFront access logs. For more information about CloudFront access logs, see Access Logs (p. 256). Total Requests This chart shows the total number of requests for all HTTP status codes (for example, 200 or 404) and all methods (for example, GET, HEAD, or POST). Total requests shown in this chart equal the total number of requests in the access log files for the same time period. Percentage of Viewer Requests by Result Type This chart shows hits, misses, and errors as a percentage of total viewer requests for the selected CloudFront distribution: • Hit – A viewer request for which the object is served from a CloudFront edge cache. In access logs, these are requests for which the value of x-edge-response-result-type is Hit. • Miss – A viewer request for which the object isn't currently in an edge cache, so CloudFront must get the object from your origin. In access logs, these are requests for which the value of x-edge-response-result-type is Miss. • Error – A viewer request that resulted in an error, so CloudFront didn't serve the object. In access logs, these are requests for which the value of x-edge-response-result-type is Error, LimitExceeded, or CapacityExceeded. The chart does not include refresh hits—requests for objects that are in the edge cache but that have expired. In access logs, refresh hits are requests for which the value of x-edge-response-result-type is RefreshHit. Bytes Transferred to Viewers This chart shows two values: • Total Bytes – The total number of bytes served to viewers by CloudFront in response to all requests for all HTTP methods. In CloudFront access logs, Total Bytes is the sum of the values in the sc-bytes column for all of the requests during the same time period. • Bytes from Misses – The number of bytes served to viewers for objects that were not in the applicable edge cache at the time of the request. In CloudFront access logs, Bytes from Misses is the sum of the values in the sc-bytes column for requests for which the value of x-edge-result-type is Miss. This value is a good approximation of bytes transferred from your origin to CloudFront edge caches. However, it excludes requests for objects that are already in the edge cache but that have expired. API Version 2016-08-01 19 Amazon CloudFront Developer Guide CloudFront Popular Objects Report HTTP Status Codes This chart shows viewer requests by HTTP status code. In CloudFront access logs, status codes appear in the sc-status column: • 2xx – The request succeeded. • 3xx – Additional action is required. For example, 301 (Moved Permanently) means that the requested object has moved to a different location. • 4xx – The client apparently made an error. For example, 404 (Not Found) means that the client requested an object that could not be found. • 5xx – The origin server didn't fill the request. For example, 503 (Service Unavailable) means that the origin server is currently unavailable. Percentage of GET Requests that Didn't Finish Downloading This chart shows viewer GET requests that didn't finish downloading the requested object as a percentage of total requests. Typically, downloading an object doesn't complete because the viewer canceled the download, for example, by clicking a different link or by closing the browser. In CloudFront access logs, these requests have a value of 200 in the sc-status column and a value of Error in the x-edge-result-type column. CloudFront Popular Objects Report The Amazon CloudFront console can display a list of the 50 most popular objects for a distribution during a specified date range in the previous 60 days. Data for the Popular Objects report is drawn from the same source as CloudFront access logs. To get an accurate count of the top 50 objects, CloudFront counts the requests for all of your objects in 10-minute intervals beginning at midnight and keeps a running total of the top 150 objects for the next 24 hours. (CloudFront also retains daily totals for the top 150 objects for 60 days.) Near the bottom of the list, objects constantly rise onto or drop off of the list, so the totals for those objects are approximations. The fifty objects at the top of the list of 150 objects may rise and fall within the list, but they rarely drop off of the list altogether, so the totals for those objects typically are more reliable. When an object drops off of the list of the top 150 objects and then rises onto the list again over the course of a day, CloudFront adds an estimated number of requests for the period that the object was missing from the list. The estimate is based on the number of requests received by whichever object was at the bottom of the list during that time period. If the object rises into the top 50 objects later in the day, the estimates of the number of requests that CloudFront received while the object was out of the top 150 objects usually causes the number of requests in the Popular Objects report to exceed the number of requests that appear in the access logs for that object. Note You don't need to enable access logging to view a list of popular objects. To display popular objects for a distribution 1. 2. 3. Sign in to the AWS Management Console and open the CloudFront console at https:// console.aws.amazon.com/cloudfront/. In the navigation pane, click Popular Objects. In the CloudFront Popular Objects Report pane, for Start Date and End Date, select the date range for which you want to display a list of popular objects. You can choose any date range in the previous 60 days. Dates and times are in Coordinated Universal Time (UTC). 4. 5. In the Distribution list, select the distribution for which you want to display a list of popular objects. Click Update. API Version 2016-08-01 20 Amazon CloudFront Developer Guide Downloading Data in CSV Format Topics • Downloading Data in CSV Format (p. 21) • How Data in the Popular Objects Report Is Related to Data in the CloudFront Access Logs (p. 22) Downloading Data in CSV Format You can download the Popular Objects report in CSV format. This section explains how to download the report and describes the values in the report. To download the Popular Objects report in CSV format 1. 2. While viewing the Popular Objects report, click CSV. In the Opening file name dialog box, choose whether to open or save the file. Information About the Report The first few rows of the report include the following information: Version The version of the format for this CSV file. Report The name of the report. DistributionID The ID of the distribution that you ran the report for. StartDateUTC The beginning of the date range for which you ran the report, in Coordinated Universal Time (UTC). EndDateUTC The end of the date range for which you ran the report, in Coordinated Universal Time (UTC). GeneratedTimeUTC The date and time on which you ran the report, in Coordinated Universal Time (UTC). Data in the Popular Objects Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. Object The last 500 characters of the URL for the object. RequestCount The total number of requests for this object. HitCount The number of viewer requests for which the object is served from a CloudFront edge cache. MissCount The number of viewer requests for which the object isn't currently in an edge cache, so CloudFront must get the object from your origin. HitCountPct The value of HitCount as a percentage of the value of RequestCount. API Version 2016-08-01 21 Amazon CloudFront Developer Guide How Data in the Popular Objects Report Is Related to Data in the CloudFront Access Logs BytesFromMisses The number of bytes served to viewers for this object when the object was not in the applicable edge cache at the time of the request. TotalBytes The total number of bytes served to viewers by CloudFront for this object in response to all requests for all HTTP methods. IncompleteDownloadCount The number of viewer requests for this object for which the viewer started but didn't finish downloading the object. HTTP2xx The number of viewer requests for which the HTTP status code was a 2xx value (succeeded). HTTP3xx The number of viewer requests for which the HTTP status code was a 3xx value (additional action is required). HTTP4xx The number of viewer requests for which the HTTP status code was a 4xx value (client error). HTTP5xx The number of viewer requests for which the HTTP status code was a 5xx value (server error). How Data in the Popular Objects Report Is Related to Data in the CloudFront Access Logs The following list shows how values in the Popular Objects report in the CloudFront console correspond with values in CloudFront access logs. For more information about CloudFront access logs, see Access Logs (p. 256). URL The last 500 characters of the URL that viewers use to access the object. Requests The total number of requests for the object. This value generally corresponds closely with the number of GET requests for the object in CloudFront access logs. Hits The number of viewer requests for which the object was served from a CloudFront edge cache. In access logs, these are requests for which the value of x-edge-response-result-type is Hit. Misses The number of viewer requests for which the object wasn't in an edge cache, so CloudFront retrieved the object from your origin. In access logs, these are requests for which the value of x-edge-response-result-type is Miss. Hit Ratio The value of the Hits column as a percentage of the value of the Requests column. Bytes from Misses The number of bytes served to viewers for objects that were not in the applicable edge cache at the time of the request. In CloudFront access logs, Bytes from Misses is the sum of the values in the sc-bytes column for requests for which the value of x-edge-result-type is Miss. Total Bytes The total number of bytes that CloudFront served to viewers in response to all requests for the object for all HTTP methods. In CloudFront access logs, Total Bytes is the sum of the values in the sc-bytes column for all of the requests during the same time period. Incomplete Downloads The number of viewer requests that did not finish downloading the requested object. Typically, the reason that a download doesn't complete is that the viewer canceled it, for example, by clicking a API Version 2016-08-01 22 Amazon CloudFront Developer Guide CloudFront Top Referrers Report different link or by closing the browser. In CloudFront access logs, these requests have a value of 200 in the sc-status column and a value of Error in the x-edge-result-type column. 2xx The number of requests for which the HTTP status code is 2xx, Successful. In CloudFront access logs, status codes appear in the sc-status column. 3xx The number of requests for which the HTTP status code is 3xx, Redirection. 3xx status codes indicate that additional action is required. For example, 301 (Moved Permanently) means that the requested object has moved to a different location. 4xx The number of requests for which the HTTP status code is 4xx, Client Error. 4xx status codes indicate that the client apparently made an error. For example, 404 (Not Found) means that the client requested an object that could not be found. 5xx The number of requests for which the HTTP status code is 5xx, Server Error. 5xx status codes indicate that the origin server didn't fill the request. For example, 503 (Service Unavailable) means that the origin server is currently unavailable. CloudFront Top Referrers Report The CloudFront console can display a list of the 25 domains of the websites that originated the most HTTP and HTTPS requests for objects that CloudFront is distributing for a specified distribution. These top referrers can be search engines, other websites that link directly to your objects, or your own website. For example, if http://example.com/index.html links to 10 graphics, example.com is the referrer for all 10 graphics. You can display the Top Referrers report for any date range in the previous 60 days. Note If a user enters a URL directly into the address line of a browser, there is no referrer for the requested object. Data for the Top Referrers report is drawn from the same source as CloudFront access logs. To get an accurate count of the top 25 referrers, CloudFront counts the requests for all of your objects in 10-minute intervals and keeps a running total of the top 75 referrers. Near the bottom of the list, referrers constantly rise onto or drop off of the list, so the totals for those referrers are approximations. The 25 referrers at the top of the list of 75 referrers may rise and fall within the list, but they rarely drop off of the list altogether, so the totals for those referrers typically are more reliable. Note You don't need to enable access logging to view a list of top referrers. To display top referrers for a distribution 1. Sign in to the AWS Management Console and open the CloudFront console at https:// console.aws.amazon.com/cloudfront/. 2. 3. In the navigation pane, click Top Referrers. In the CloudFront Top Referrers Report pane, for Start Date and End Date, select the date range for which you want to display a list of top referrers. 4. 5. Dates and times are in Coordinated Universal Time (UTC). In the Distribution list, select the distribution for which you want to display a list of top referrers. Click Update. Topics • Downloading Data in CSV Format (p. 24) API Version 2016-08-01 23 Amazon CloudFront Developer Guide Downloading Data in CSV Format • How Data in the Top Referrers Report Is Related to Data in the CloudFront Access Logs (p. 25) Downloading Data in CSV Format You can download the Top Referrers report in CSV format. This section explains how to download the report and describes the values in the report. To download the Top Referrers report in CSV format 1. 2. While viewing the Top Referrers report, click CSV. In the Opening file name dialog box, choose whether to open or save the file. Information About the Report The first few rows of the report include the following information: Version The version of the format for this CSV file. Report The name of the report. DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. StartDateUTC The beginning of the date range for which you ran the report, in Coordinated Universal Time (UTC). EndDateUTC The end of the date range for which you ran the report, in Coordinated Universal Time (UTC). GeneratedTimeUTC The date and time on which you ran the report, in Coordinated Universal Time (UTC). Data in the Top Referrers Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. Referrer The domain name of the referrer. The total number of requests from the domain name in the Referrer column. RequestsPct The number of requests submitted by the referrer as a percentage of the total number of requests during the specified period. API Version 2016-08-01 24 Amazon CloudFront Developer Guide How Data in the Top Referrers Report Is Related to Data in the CloudFront Access Logs How Data in the Top Referrers Report Is Related to Data in the CloudFront Access Logs The following list shows how values in the Top Referrers report in the CloudFront console correspond with values in CloudFront access logs. For more information about CloudFront access logs, see Access Logs (p. 256). Referrer The domain name of the referrer. In access logs, referrers are listed in the cs(Referer) column. Request Count The total number of requests from the domain name in the Referrer column. This value generally corresponds closely with the number of GET requests from the referrer in CloudFront access logs. Request % The number of requests submitted by the referrer as a percentage of the total number of requests during the specified period. If you have more than 25 referrers, then you can't calculate Request % based on the data in this table because the Request Count column doesn't include all of the requests during the specified period. CloudFront Usage Reports The Amazon CloudFront console can display a graphical representation of your CloudFront usage that is based on a subset of the usage report data. You can display charts for a specified date range in the last 60 days, with data points every hour or every day. You can usually view data about requests that CloudFront received as recently as four hours ago, but data can occasionally be delayed by as much as 24 hours. For more information, see How the Usage Charts Are Related to Data in the CloudFront Usage Report (p. 28). To display CloudFront usage charts 1. 2. 3. Sign in to the AWS Management Console and open the CloudFront console at https:// console.aws.amazon.com/cloudfront/. In navigation pane, click Usage Reports. In the CloudFront Usage Reports pane, for Start Date and End Date, select the date range for which you want to display usage charts. Available ranges depend on the value that you select for Granularity: • Daily — To display charts with one data point per day, select any date range in the previous 60 days. • Hourly — To display charts with one data point every hour, select any date range of up to 14 days within the previous 60 days. Dates and times are in Coordinated Universal Time (UTC). 4. 5. For Granularity, specify whether to display one data point per day or one data point per hour in the charts. If you specify a date range greater than 14 days, the option to specify one data point per hour is not available. For Billing Region, choose the CloudFront billing region that has the data you want to view, or choose All Regions. Usage charts include data for requests that CloudFront processes in edge locations in the specified region. The region where CloudFront processes requests might or might not correspond with the location of your users. API Version 2016-08-01 25 Amazon CloudFront Developer Guide Downloading Data in CSV Format Select only regions that are included in the price class for your distribution; otherwise, the usage charts probably won't contain any data. For example, if you chose Price Class 200 for your distribution, the South America and Australia billing regions are not included, so CloudFront generally won't process your requests from those regions. For more information about price classes, see Choosing the Price Class for a CloudFront Distribution (p. 54). 6. In the Distribution list, select the distributions for which you want to display data in the usage charts: • An individual web distribution — The charts display data for the selected CloudFront distribution. The Distribution list displays the distribution ID and alternate domain names (CNAMEs) for the distribution, if any. If a distribution has no alternate domain names, the list includes origin domain names for the distribution. • All Web Distributions (excludes deleted) — The charts display summed data for all web distributions that are associated with the current AWS account, excluding web distributions that you have deleted. • All Deleted Distributions — The charts display summed data for all web distributions that are associated with the current AWS account and that were deleted in the last 60 days. 7. 8. 9. Click Update Graphs. To view data for a daily or hourly data point within a chart, move your mouse pointer over the data point. For charts that show data transferred, note that you can change the vertical scale to gigabytes, megabytes, or kilobytes for each chart. Topics • Downloading Data in CSV Format (p. 26) • How the Usage Charts Are Related to Data in the CloudFront Usage Report (p. 28) Downloading Data in CSV Format You can download the Usage report in CSV format. This section explains how to download the report and describes the values in the report. To download the Usage report in CSV format 1. 2. While viewing the Usage report, click CSV. In the Opening file name dialog box, choose whether to open or save the file. Information About the Report The first few rows of the report include the following information: Version The version of the format for this CSV file. Report The name of the report. DistributionID The ID of the distribution that you ran the report for, ALL if you ran the report for all distributions, or ALL_DELETED if you ran the report for all deleted distributions. StartDateUTC The beginning of the date range for which you ran the report, in Coordinated Universal Time (UTC). API Version 2016-08-01 26 Amazon CloudFront Developer Guide Downloading Data in CSV Format EndDateUTC The end of the date range for which you ran the report, in Coordinated Universal Time (UTC). GeneratedTimeUTC The date and time on which you ran the report, in Coordinated Universal Time (UTC). Granularity Whether each row in the report represents one hour or one day. BillingRegion The continent that viewer requests originated from, or ALL, if you chose to download the report for all billing regions. Data in the Usage Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, ALL if you ran the report for all distributions, or ALL_DELETED if you ran the report for all deleted distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. BillingRegion The CloudFront billing region that you ran the report for, or ALL. TimeBucket The hour or the day that data applies to, in Coordinated Universal Time (UTC). HTTP The number of HTTP requests that CloudFront responded to from edge locations in the selected region during each time interval for the specified CloudFront distribution. Values include: • The number of GET and HEAD requests, which cause CloudFront to transfer data to your users • The number of DELETE, OPTIONS, PATCH, POST, and PUT requests, which cause CloudFront to transfer data to your origin HTTPS The number of HTTPS requests that CloudFront responded to from edge locations in the selected region during each time interval for the specified CloudFront distribution. Values include: • The number of GET and HEAD requests, which cause CloudFront to transfer data to your users • The number of DELETE, OPTIONS, PATCH, POST, and PUT requests, which cause CloudFront to transfer data to your origin HTTPBytes The total amount of data transferred over HTTP from CloudFront edge locations in the selected billing region during the time period for the specified CloudFront distribution. Values include: • Data transferred from CloudFront to your users in response to GET and HEAD requests • Data transferred from CloudFront to your origin for DELETE, OPTIONS, PATCH, POST, and PUT requests • Data transferred from CloudFront to your users in response to DELETE, OPTIONS, PATCH, POST, and PUT requests HTTPSBytes The total amount of data transferred over HTTPS from CloudFront edge locations in the selected billing region during the time period for the specified CloudFront distribution. Values include: • Data transferred from CloudFront to your users in response to GET and HEAD requests • Data transferred from CloudFront to your origin for DELETE, OPTIONS, PATCH, POST, and PUT requests API Version 2016-08-01 27 Amazon CloudFront Developer Guide How the Usage Charts Are Related to Data in the CloudFront Usage Report • Data transferred from CloudFront to your users in response to DELETE, OPTIONS, PATCH, POST, and PUT requests BytesIn The total amount of data transferred from CloudFront to your origin for DELETE, OPTIONS, PATCH, POST, and PUT requests in the selected region during each time interval for the specified CloudFront distribution. BytesOut The total amount of data transferred over HTTP and HTTPS from CloudFront to your users in the selected region during each time interval for the specified CloudFront distribution. Values include: • Data transferred from CloudFront to your users in response to GET and HEAD requests • Data transferred from CloudFront to your users in response to DELETE, OPTIONS, PATCH, POST, and PUT requests How the Usage Charts Are Related to Data in the CloudFront Usage Report The following list shows how the usage charts in the CloudFront console correspond with values in the Usage Type column in the CloudFront usage report. Topics • Number of Requests (p. 28) • Data Transferred by Protocol (p. 28) • Data Transferred by Destination (p. 29) Number of Requests This chart shows the number of HTTP and HTTPS requests that CloudFront responds to from edge locations in the selected region during each time interval for the specified CloudFront distribution. Number of HTTP Requests • region-Requests-HTTP-Static: Number of HTTP GET and HEAD requests served for objects with TTL ≥ 3600 seconds • region-Requests-HTTP-Dynamic: Number of HTTP GET and HEAD requests served for objects with TTL < 3600 seconds • region-Requests-HTTP-Proxy: Number of HTTP DELETE, OPTIONS, PATCH, POST, and PUT requests that CloudFront forwards to your origin Number of HTTPS Requests • region-Requests-HTTPS-Static: Number of HTTPS GET and HEAD requests served for objects with TTL ≥ 3600 seconds • region-Requests-HTTPS-Dynamic: Number of HTTPS GET and HEAD requests served for objects with TTL < 3600 seconds • region-Requests-HTTPS-Proxy: Number of HTTPS DELETE, OPTIONS, PATCH, POST, and PUT requests that CloudFront forwards to your origin Data Transferred by Protocol This chart shows the total amount of data transferred over HTTP and HTTPS from CloudFront edge locations in the selected region during each time interval for the specified CloudFront distribution. API Version 2016-08-01 28 Amazon CloudFront Developer Guide CloudFront Viewers Reports Data Transferred over HTTP • region-Out-Bytes-HTTP-Static: Bytes served via HTTP for objects with TTL ≥ 3600 seconds • region-Out-Bytes-HTTP-Dynamic: Bytes served via HTTP for objects with TTL < 3600 seconds • region-Out-Bytes-HTTP-Proxy: Bytes returned from CloudFront to viewers via HTTP in response to DELETE, OPTIONS, PATCH, POST, and PUT requests • region-Out-OBytes-HTTP-Proxy: Total bytes transferred via HTTP from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests Data Transferred over HTTPS • region-Out-Bytes-HTTPS-Static: Bytes served via HTTPS for objects with TTL ≥ 3600 seconds • region-Out-Bytes-HTTPS-Dynamic: Bytes served via HTTPS for objects with TTL < 3600 seconds • region-Out-Bytes-HTTPS-Proxy: Bytes returned from CloudFront to viewers via HTTPS in response to DELETE, OPTIONS, PATCH, POST, and PUT requests • region-Out-OBytes-HTTPS-Proxy: Total bytes transferred via HTTPS from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests Data Transferred by Destination This chart shows the total amount of data transferred over HTTP and HTTPS from CloudFront edge locations in the selected region during each time interval for the specified CloudFront distribution. Data Transferred from CloudFront to Your Users • region-Out-Bytes-HTTP-Static: Bytes served via HTTP for objects with TTL ≥ 3600 seconds • region-Out-Bytes-HTTPS-Static: Bytes served via HTTPS for objects with TTL ≥ 3600 seconds • region-Out-Bytes-HTTP-Dynamic: Bytes served via HTTP for objects with TTL < 3600 seconds • region-Out-Bytes-HTTPS-Dynamic: Bytes served via HTTPS for objects with TTL < 3600 seconds • region-Out-Bytes-HTTP-Proxy: Bytes returned from CloudFront to viewers via HTTP in response to DELETE, OPTIONS, PATCH, POST, and PUT requests • region-Out-Bytes-HTTPS-Proxy: Bytes returned from CloudFront to viewers via HTTPS in response to DELETE, OPTIONS, PATCH, POST, and PUT requests Data Transferred from CloudFront to Your Origin • region-Out-OBytes-HTTP-Proxy: Total bytes transferred via HTTP from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests • region-Out-OBytes-HTTPS-Proxy: Total bytes transferred via HTTPS from CloudFront edge locations to your origin in response to DELETE, OPTIONS, PATCH, POST, and PUT requests CloudFront Viewers Reports The CloudFront console can display four reports about the physical devices (desktop computers, mobile devices) and about the viewers (typically web browsers) that are accessing your content: • Devices – The type of the devices that your users use most frequently to access your content, for example, Desktop or Mobile. • Browsers – The name (or the name and version) of the browsers that your users use most frequently to access your content, for example, Chrome or Firefox. The report lists the top 10 browsers. • Operating Systems – The name (or the name and version) of the operating system that viewers run on most frequently when accessing your content, for example, Linux, Mac OS X, or Windows. The report lists the top 10 operating systems. API Version 2016-08-01 29 Amazon CloudFront Developer Guide Displaying Viewers Charts and Reports • Locations – The locations, by country or by U.S. state/territory, of the viewers that access your content most frequently. The report lists the top 50 countries or U.S. states/territories. You can display all four Viewers reports for any date range in the previous 60 days. For the Locations report, you can also display the report with data points every hour for any date range of up to 14 days in the previous 60 days. Note You don't need to enable access logging to view Viewers charts and reports. Topics • Displaying Viewers Charts and Reports (p. 30) • Downloading Data in CSV Format (p. 31) • How Data in the Locations Report Is Related to Data in the CloudFront Access Logs (p. 35) Displaying Viewers Charts and Reports To display CloudFront Viewers charts and reports, perform the following procedure. To display CloudFront Viewers charts and reports 1. 2. 3. Sign in to the AWS Management Console and open the CloudFront console at https:// console.aws.amazon.com/cloudfront/. In the navigation pane, click Viewers. In the CloudFront Viewers pane, for Start Date and End Date, select the date range for which you want to display viewer charts and reports. For the Locations chart, available ranges depend on the value that you select for Granularity: • Daily – To display charts with one data point per day, select any date range in the previous 60 days. • Hourly – To display charts with one data point every hour, select any date range of up to 14 days within the previous 60 days. 4. Dates and times are in Coordinated Universal Time (UTC). (Browsers and Operating Systems charts only) For Grouping, specify whether you want to group browsers and operating systems by name (Chrome, Firefox) or by name and version (Chrome 40.0, Firefox 35.0). 5. (Locations chart only) For Granularity, specify whether to display one data point per day or one data point per hour in the charts. If you specify a date range greater than 14 days, the option to specify one data point per hour is not available. 6. (Locations chart only) For Details, specify whether to display the top locations by countries or by U.S. states. In the Distribution list, select the distribution for which you want to display data in the usage charts: 7. • An individual web distribution – The charts display data for the selected CloudFront web distribution. The Distribution list displays the distribution ID and an alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. • All Web Distributions (excludes deleted) – The charts display summed data for all web distributions that are associated with the current AWS account, excluding web distributions that you have deleted. API Version 2016-08-01 30 Amazon CloudFront Developer Guide Downloading Data in CSV Format 8. 9. Click Update. To view data for a daily or hourly data point within a chart, move your mouse pointer over the data point. Downloading Data in CSV Format You can download each of the Viewer reports in CSV format. This section explains how to download the reports and describes the values in the report. To download the Viewer reports in CSV format 1. 2. While viewing the applicable Viewer report, click CSV. Choose the data that you want to download, for example, Devices or Devices Trends. 3. In the Opening file name dialog box, choose whether to open or save the file. Topics • Information About the Reports (p. 31) • Devices Report (p. 32) • Device Trends Report (p. 32) • Browsers Report (p. 32) • Browser Trends Report (p. 33) • Operating Systems Report (p. 33) • Operating System Trends Report (p. 34) • Locations Report (p. 34) • Location Trends Report (p. 35) Information About the Reports The first few rows of each report includes the following information: Version The version of the format for this CSV file. Report The name of the report. DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all web distributions. StartDateUTC The beginning of the date range for which you ran the report, in Coordinated Universal Time (UTC). EndDateUTC The end of the date range for which you ran the report, in Coordinated Universal Time (UTC). GeneratedTimeUTC The date and time on which you ran the report, in Coordinated Universal Time (UTC). Grouping (Browsers and Operating Systems Reports Only) Whether the data is grouped by the name or by the name and version of the browser or operating system. Granularity Whether each row in the report represents one hour or one day. Details (Locations Report Only) Whether requests are listed by country or by U.S. state. API Version 2016-08-01 31 Amazon CloudFront Developer Guide Downloading Data in CSV Format Devices Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. Requests The number of requests that CloudFront received from each type of device. RequestsPct The number of requests that CloudFront received from each type of device as a percentage of the total number of requests that CloudFront received from all devices. Device Trends Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. TimeBucket The hour or the day that the data applies to, in Coordinated Universal Time (UTC). Desktop The number of requests that CloudFront received from desktop computers during the period. Mobile The number of requests that CloudFront received from mobile devices during the period. Mobile devices can include both tablets and mobile phones. If CloudFront can't determine whether a request originated from a mobile device or a tablet, it's counted in the Mobile column. Smart-TV The number of requests that CloudFront received from smart TVs during the period. Tablet The number of requests that CloudFront received from tablets during the period. If CloudFront can't determine whether a request originated from a mobile device or a tablet, it's counted in the Mobile column. Unknown Requests for which the value of the User-Agent HTTP header was not associated with one of the standard device types, for example, Desktop or Mobile. Empty The number of requests that CloudFront received that didn't include a value in the HTTP User-Agent header during the period. Browsers Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. API Version 2016-08-01 32 Amazon CloudFront Developer Guide Downloading Data in CSV Format FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. Group The browser or the browser and version that CloudFront received requests from, depending on the value of Grouping. In addition to browser names, possible values include the following: • Bot/Crawler – primarily requests from search engines that are indexing your content. • Empty – requests for which the value of the User-Agent HTTP header was empty. • Other – browsers that CloudFront identified but that aren't among the most popular. If Bot/Crawler, Empty, and/or Unknown don't appear among the first nine values, then they're also included in Other. • Unknown – requests for which the value of the User-Agent HTTP header was not associated with a standard browser. Most requests in this category come from custom applications or scripts. Requests The number of requests that CloudFront received from each type of browser. RequestsPct The number of requests that CloudFront received from each type of browser as a percentage of the total number of requests that CloudFront received during the time period. Browser Trends Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. TimeBucket The hour or the day that the data applies to, in Coordinated Universal Time (UTC). (Browsers) The remaining columns in the report list the browsers or the browsers and their versions, depending on the value of Grouping. In addition to browser names, possible values include the following: • Bot/Crawler – primarily requests from search engines that are indexing your content. • Empty – requests for which the value of the User-Agent HTTP header was empty. • Other – browsers that CloudFront identified but that aren't among the most popular. If Bot/Crawler, Empty, and/or Unknown don't appear among the first nine values, then they're also included in Other. • Unknown – requests for which the value of the User-Agent HTTP header was not associated with a standard browser. Most requests in this category come from custom applications or scripts. Operating Systems Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. API Version 2016-08-01 33 Amazon CloudFront Developer Guide Downloading Data in CSV Format Group The operating system or the operating system and version that CloudFront received requests from, depending on the value of Grouping. In addition to operating system names, possible values include the following: • Bot/Crawler – primarily requests from search engines that are indexing your content. • Empty – requests for which the value of the User-Agent HTTP header was empty. • Other – operating systems that CloudFront identified but that aren't among the most popular. If Bot/Crawler, Empty, and/or Unknown don't appear among the first nine values, then they're also included in Other. • Unknown – requests for which the value of the User-Agent HTTP header was not associated with a standard browser. Most requests in this category come from custom applications or scripts. Requests The number of requests that CloudFront received from each type of operating system. RequestsPct The number of requests that CloudFront received from each type of operating system as a percentage of the total number of requests that CloudFront received during the time period. Operating System Trends Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. TimeBucket The hour or the day that the data applies to, in Coordinated Universal Time (UTC). (Operating systems) The remaining columns in the report list the operating systems or the operating systems and their versions, depending on the value of Grouping. In addition to operating system names, possible values include the following: • Bot/Crawler – primarily requests from search engines that are indexing your content. • Empty – requests for which the value of the User-Agent HTTP header was empty. • Other – operating systems that CloudFront identified but that aren't among the most popular. If Bot/Crawler, Empty, and/or Unknown don't appear among the first nine values, then they're also included in Other. • Unknown – requests for which the operating system isn't specified in the User-Agent HTTP header. Locations Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. API Version 2016-08-01 34 Amazon CloudFront Developer Guide How Data in the Locations Report Is Related to Data in the CloudFront Access Logs LocationCode The abbreviation for the location that CloudFront received requests from. For more information about possible values, see the description of Location in How Data in the Locations Report Is Related to Data in the CloudFront Access Logs (p. 35). LocationName The name of the location that CloudFront received requests from. Requests The number of requests that CloudFront received from each location. RequestsPct The number of requests that CloudFront received from each location as a percentage of the total number of requests that CloudFront received from all locations during the time period. TotalBytes The number of bytes that CloudFront served to viewers in this country or state, for the specified distribution and period. Location Trends Report The report includes the following values: DistributionID The ID of the distribution that you ran the report for, or ALL if you ran the report for all distributions. FriendlyName An alternate domain name (CNAME) for the distribution, if any. If a distribution has no alternate domain names, the list includes an origin domain name for the distribution. TimeBucket The hour or the day that the data applies to, in Coordinated Universal Time (UTC). (Locations) The remaining columns in the report list the locations that CloudFront received requests from. For more information about possible values, see the description of Location in How Data in the Locations Report Is Related to Data in the CloudFront Access Logs (p. 35). How Data in the Locations Report Is Related to Data in the CloudFront Access Logs The following list shows how data in the Locations report in the CloudFront console corresponds with values in CloudFront access logs. For more information about CloudFront access logs, see Access Logs (p. 256). Location The country or U.S. state that the viewer is in. In access logs, the c-ip column contains the IP address of the device that the viewer is running on. We use geolocation data to identify the geographic location of the device based on the IP address. If you're displaying the Locations report by country, note that the country list is based on ISO 3166-2, Codes for the representation of names of countries and their subdivisions – Part 2: Country subdivision code. The country list includes the following additional values: • Anonymous Proxy – The request originated from an anonymous proxy. • Satellite Provider – The request originated from a satellite provider that provides Internet service to multiple countries. Users might be in countries with a high risk of fraud. • Europe (Unknown) – The request originated from an IP in a block that is used by multiple European countries. The country that the request originated from cannot be determined. CloudFront uses Europe (Unknown) as the default. API Version 2016-08-01 35 Amazon CloudFront Developer Guide How Data in the Locations Report Is Related to Data in the CloudFront Access Logs • Asia/Pacific (Unknown) – The request originated from an IP in a block that is used by multiple countries in the Asia/Pacific region. The country that the request originated from cannot be determined. CloudFront uses Asia/Pacific (Unknown) as the default. If you're displaying the Locations report by U.S. state, note that the report can include U.S. territories and U.S. Armed Forces regions. Request Count The total number of requests from the country or U.S. state that the viewer is in, for the specified distribution and period. This value generally corresponds closely with the number of GET requests from IP addresses in that country or state in CloudFront access logs. Request % One of the following, depending on the value that you selected for Details: • Countries – The requests from this country as a percentage of the total number of requests. • U.S. States – The requests from this state as a percentage of the total number of requests from the United States. If requests came from more than 50 countries, then you can't calculate Request % based on the data in this table because the Request Count column doesn't include all of the requests during the specified period. Bytes The number of bytes that CloudFront served to viewers in this country or state, for the specified distribution and period. To change the display of data in this column to KB, MB, or GB, click the link in the column heading. API Version 2016-08-01 36 Amazon CloudFront Developer Guide Step 1: Sign up for Amazon Web Services Getting Started with CloudFront The example in this topic gives you a quick overview of how to use CloudFront to: • • • • Store the original versions of your objects in one Amazon Simple Storage Service (Amazon S3) bucket. Distribute download content such as text or graphics. Make your objects accessible to everyone. Use the CloudFront domain name in URLs for your objects (for example, http://d111111abcdef8.cloudfront.net/image.jpg) instead of your own domain name (for example, http://www.example.com/image.jpg). • Keep your objects in CloudFront edge locations for the default duration of 24 hours. (The minimum duration is 0 seconds.) For information about how to use CloudFront when you want to use other options, see Task List for Creating a Web Distribution (p. 58) or Task List for Streaming Media Files Using RTMP (p. 89). You only need to perform a few basic steps to start delivering your content using CloudFront. The first step is signing up. After that, you create a CloudFront distribution, and then use the CloudFront domain name to reference content in your web pages or applications. Topics • • • • Step 1: Sign up for Amazon Web Services (p. 37) Step 2: Upload your content to Amazon S3 and grant object permissions (p. 38) Step 3: Create a CloudFront Web Distribution (p. 39) Step 4: Test your links (p. 45) Step 1: Sign up for Amazon Web Services If you haven't already done so, sign up for Amazon Web Services at http://aws.amazon.com. Just choose Sign Up Now and enter any required information. API Version 2016-08-01 37 Amazon CloudFront Developer Guide Step 2: Upload your content to Amazon S3 and grant object permissions Step 2: Upload your content to Amazon S3 and grant object permissions An Amazon S3 bucket is a container that can contain objects or folders. CloudFront can distribute almost any type of object for you using an Amazon S3 bucket as the source, for example, text, images, and videos. You can create multiple buckets, and there is no limit to the amount of data that you can store on Amazon S3. By default, your Amazon S3 bucket and all of the objects in it are private—only the AWS account that created the bucket has permission to read or write the objects in it. If you want to allow anyone to access the objects in your Amazon S3 bucket using CloudFront URLs, you must grant public read permissions to the objects. (This is one of the most common mistakes when working with CloudFront and Amazon S3. You must explicitly grant privileges to each object in an Amazon S3 bucket.) Note If you want to restrict who can download your content, you can use the CloudFront private content feature. For more information about distributing private content, see Serving Private Content through CloudFront (p. 162). To upload your content to Amazon S3 and grant read permission to everyone 1. 2. 3. Sign in to the AWS Management Console and open the Amazon S3 console at https:// console.aws.amazon.com/s3/. In the Amazon S3 console, choose Create Bucket. In the Create Bucket dialog, enter a bucket name. Important For your bucket to work with CloudFront, the name must conform to DNS naming requirements. For more information, go to Bucket Restrictions and Limitations in the Amazon Simple Storage Service Developer Guide. 4. 5. 6. 7. Select a region for your bucket. By default, Amazon S3 creates buckets in the US East (N. Virginia) region. We recommend that you choose a region close to you to optimize latency, minimize costs, or to address regulatory requirements. Choose Create. Select your bucket in the Buckets pane, and choose Upload. On the Upload - Select Files page, choose Add Files, and choose the files that you want to upload. API Version 2016-08-01 38 Amazon CloudFront Developer Guide Step 3: Create a CloudFront Web Distribution 8. Enable public read privileges for each object that you upload to your Amazon S3 bucket. a. b. c. 9. Choose Set Details. On the Set Details page, choose Set Permissions. On the Set Permissions page, choose Make everything public. Choose Start Upload. After the upload completes, you can navigate to this item by its URL. In the case of the previous example, the URL would be: http://s3.amazonaws.com/example-myawsbucket/filename Use your Amazon S3 URL to verify that your content is publicly accessible, but remember that this is not the URL you will use when you are ready to distribute your content. Step 3: Create a CloudFront Web Distribution To create a CloudFront web distribution 1. Open the CloudFront console at https://console.aws.amazon.com/cloudfront/. 2. 3. Choose Create Distribution. On the Select a delivery method for your content page, in the Web section, choose Get Started. API Version 2016-08-01 39 Amazon CloudFront Developer Guide Step 3: Create a CloudFront Web Distribution 4. On the Create Distribution page, under Origin Settings, choose the Amazon S3 bucket that you created earlier. For Origin ID, Origin Path, Restrict Bucket Access, and Origin Custom Headers, accept the default values. 5. Under Default Cache Behavior Settings, accept the default values, and CloudFront will: API Version 2016-08-01 40 Amazon CloudFront Developer Guide Step 3: Create a CloudFront Web Distribution • Forward all requests that use the CloudFront URL for your distribution (for example, http://d111111abcdef8.cloudfront.net/image.jpg) to the Amazon S3 bucket that you specified in Step 4. • Allow end users to use either HTTP or HTTPS to access your objects. • Respond to requests for your objects. • Cache your objects at CloudFront edge locations for 24 hours. • Forward only the default request headers to your origin and not cache your objects based on the values in the headers. • Exclude cookies and query string parameters, if any, when forwarding requests for objects to your origin. (Amazon S3 doesn't process cookies and processes only a limited set of query string parameters.) • Not be configured to distribute media files in the Microsoft Smooth Streaming format. • Allow everyone to view your content. • Not automatically compress your content. For more information about cache behavior options, see Cache Behavior Settings (p. 68). API Version 2016-08-01 41 Amazon CloudFront Developer Guide Step 3: Create a CloudFront Web Distribution 6. Under Distribution Settings, enter the applicable values: Price Class Select the price class that corresponds with the maximum price that you want to pay for CloudFront service. By default, CloudFront serves your objects from edge locations in all CloudFront regions. API Version 2016-08-01 42 Amazon CloudFront Developer Guide Step 3: Create a CloudFront Web Distribution For more information about price classes and about how your choice of price class affects CloudFront performance for your distribution, go to Choosing the Price Class for a CloudFront Distribution (p. 54). For information about CloudFront pricing, including how price classes map to CloudFront regions, go to Amazon CloudFront Pricing. AWS WAF Web ACL If you want to use AWS WAF to allow or block HTTP and HTTPS requests based on criteria that you specify, choose the web ACL to associate with this distribution. For more information about AWS WAF, see the AWS WAF Developer Guide. Alternate Domain Names (CNAMEs) (Optional) Specify one or more domain names that you want to use for URLs for your objects instead of the domain name that CloudFront assigns when you create your distribution. For example, if you want the URL for the object: /images/image.jpg to look like this: http://www.example.com/images/image.jpg instead of like this: http://d111111abcdef8.cloudfront.net/images/image.jpg you would create a CNAME for www.example.com. Important If you add a CNAME for www.example.com to your distribution, you also need to create (or update) a CNAME record with your DNS service to route queries for www.example.com to d111111abcdef8.cloudfront.net.You must have permission to create a CNAME record with the DNS service provider for the domain. Typically, this means that you own the domain, but you may also be developing an application for the domain owner. For more information about CNAMEs, see Using Alternate Domain Names (CNAMEs) (p. 50). For the current limit on the number of alternate domain names that you can add to a distribution, see Amazon CloudFront Limits in the Amazon Web Services General Reference. To request a higher limit, go to https://console.aws.amazon.com/support/home#/case/ create?issueType=service-limit-increase&limitType=service-code-cloudfront-distributions. SSL Certificate Accept the default value, Default CloudFront Certificate. Default Root Object (Optional) The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL of your distribution (http://www.example.com/) instead of an object in your distribution (http://www.example.com/product-description.html). Specifying a default root object avoids exposing the contents of your distribution. Logging (Optional) If you want CloudFront to log information about each request for an object and store the log files in an Amazon S3 bucket, select On, and specify the bucket and an optional prefix for the names of the log files. There is no extra charge to enable logging, but you accrue the usual Amazon S3 charges for storing and accessing the files. CloudFront doesn't delete the logs automatically, but you can delete them at any time. Cookie Logging In this example, we're using Amazon S3 as the origin for your objects, and Amazon S3 doesn't process cookies, so we recommend that you select Off for the value of Cookie Logging. Comment (Optional) Enter any comments that you want to save with the distribution. API Version 2016-08-01 43 Amazon CloudFront Developer Guide Step 3: Create a CloudFront Web Distribution Distribution State Select Enabled if you want CloudFront to begin processing requests as soon as the distribution is created, or select Disabled if you do not want CloudFront to begin processing requests after the distribution is created. 7. Choose Create Distribution. 8. After CloudFront has created your distribution, the value of the Status column for your distribution will change from InProgress to Deployed. If you chose to enable the distribution, it will then be ready to process requests. This should take less than 15 minutes. The domain name that CloudFront assigns to your distribution appears in the list of distributions. (It also appears on the General tab for a selected distribution.) API Version 2016-08-01 44 Amazon CloudFront Developer Guide Step 4: Test your links Step 4: Test your links After you've created your distribution, CloudFront knows where your Amazon S3 origin server is, and you know the domain name associated with the distribution. You can create a link to your Amazon S3 bucket content with that domain name, and have CloudFront serve it. Note You must wait until the status of your distribution changes to Deployed before testing your links. To link to your objects 1. Copy the following HTML into a new file: • Replace with the domain name that CloudFront assigned to your distribution. • Replace
Source Exif Data:
File Type : PDF File Type Extension : pdf MIME Type : application/pdf PDF Version : 1.4 Linearized : No Author : Unknown Trapped : False Create Date : 2016:08:12 22:19:35Z Modify Date : 2016:08:12 22:19:35Z Page Count : 382 Page Layout : OneColumn Page Mode : UseOutlines Format : application/pdf Title : Amazon CloudFront Developer Guide Creator : Unknown Producer : XEP 4.18 build 20100322 Creator Tool : DocBook Xsl V 1.76, with Amazon Web Services Internal TweaksEXIF Metadata provided by EXIF.tools