I recently worked on implementing CloudFront for s3 bucket files. Most of the tutorials were doing that using console management(UI) but we at Blue Sky Analytics prefer “code as infrastructure”. So I had to do this using CloudFormation. With the help of a few StackOverflow links and tutorials, I was able to write CloudFormation Template.
So What exactly CloudFront and CloudFromation are?
These definitions will help you out.
CloudFront: Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds, all within a developer-friendly environment.
CloudFromation: On AWS, the CloudFormation service provides Infrastructure as Code capabilities. CloudFormation uses templates, configuration files defined in JSON or YAML syntax, that are human readable and can be easily edited, which you can use to define the resources you want to set up. CloudFormation reads a template and generates a stack, a set of resources ready to use on AWS.
How is this gonna work?
We are gonna use a private bucket, a public bucket can also be used but we don’t use it to avoid direct access to bucket and leakage.
CloudFront can access private bucket data using OAI(Origin Access Identity). An OAI is like a virtual user through which CloudFront can access private bucket. After creating OAI and using it in CloudFront, we need to update bucket policy, So that CloudFront with an OAI can access it.
Resources we are going to build using CloudFormation:
- S3 Bucket
- OAI(Origin Access Identity).
- Update Bucket Policy
- CloudFront Distribution
AWSTemplateFormatVersion: "2010-09-09"
Resources:
#aws #aws-s3 #aws-cloudformation #aws-cloudfront #infrastructure-as-code #amazon #cdn #origin-access-identity
