AWS CloudFront #

Info on Trusted signers/key groups #

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-trusted-signers.html

Transfer traffic from existing distribution to a new one #

• Make sure that the new distribution has a certificate that covers the domain to be moved, this can be done either with domain alias or with a wildcard certificate
• Create a txt record with ‘_’ char in front of the host that points to the new distribution domain . This is for cloudfront to authenticate that you own the domain

  _cname.example.com. 900 IN TXT “dexample123456.cloudfront.net”

• Call the AssociateAlias command from cli to move the alternate domain to the new distribution

  aws cloudfront associate-alias –target-distribution-id YourTargeDistributiontID –alias your_cname.example.com

Cache handling #

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html#expiration-individual-objects