[AWS Architect] CloudFront
CloudFront Path Patterns
You can define Behaviors to server different Origin for differnet request.
For example:
Set Behavior if match
- *.jpg redirect request to Origin 1
- *.mp4 redirect request to Origin 2
- Set default orgin in used for Origin 3 if no pattern matching
- If need to force request connect through HTTPS
- Modify Viewer Protocl, Redirect HTTP to HTTPS
- For AWS Certficate for CloudFront
- Issue certificate musts be in us-east-1
- SSL can be ACM or a trusted third-party CA
- Default CloudFront domain name can be chagned using CNAMES
- Origion protocol must be public accessable
- S3 has its own certificate (can't be changed)
- For Custom Origin
- Certificate can be AMC for ALB or third-party for EC2
Server Name Indication (SNI)
For CloudFront, Multiple certificates share the same IP with SNI.
So if request comes from one domain name, CloudFront and match the Origin and redirect request to it.