Content delivery using Amazon CloudFront

Moving on from Route53, there is yet another awesome service provided by AWS that is specially designed for distributing and delivering content across the globe: Amazon CloudFront. For some reason, CloudFront is not one of the most commonly used services in the AWS service family; nevertheless, it is still a good alternative to S3 when it comes to distributing content geographically. How does it all work? Well, it's quite simple actually! To begin with, the first thing that you need to do is configure an Origin Server. An Origin Server is nothing more than a place from where CloudFront retrieves the files or content for distribution. Origin Servers can be anything from an S3 bucket to even an EC2 instance running in a VPC. Once an Origin is defined, the next step involves the upload of objects to your Origin Server. Objects can be anything from images, media files, to even web pages! Yes, you heard it right! Web pages as well! Anything and everything that can be served over the HTTP protocol or a supported version of the Real Time Messaging protocol (RTMP). Refer to the following diagram as an example of an Origin Server:

[Figure: Content delivery using Amazon CloudFront]

The next step is perhaps the most important one and involves the creation of a CloudFront distribution. The distribution describes which Origin Server to use when a user initiates a request to an image or a media object from your application or website. This step will provide your objects with a new CloudFront URL, which you need to substitute in your application. For example, a standard image URL may look something like this once it is referenced by CloudFront: http://112233.cloudfront.net/myimage.jpg. CloudFront then sends this distribution configuration to all of its specialized edge locations that are spread out across the world.

Note

To date, Amazon CloudFront has forty-plus edge locations spread across five continents, including North and South America, Europe, Asia, and Australia.

These edge locations are nothing more than small data centers where CloudFront caches copies of your objects and keeps them ready for distribution. When a user accesses or requests the object from your application or website, the DNS will route the request to the nearest edge location. CloudFront will then check its cache for the requested file in the edge location. If the file is present in the cache, then it is returned to the user. If not, then CloudFront will request the file from the Origin Server and cache it in its edge location. This delivery method comes in really handy when you have a lot of data that gets requested or accessed by users on a high-frequency basis. It also improves the overall performance of your application and website, as well as increasing reliability and availability.

Getting started with distributions

Now that the basic concepts are out of the way, let's look at some simple steps using which you can get your own CloudFront distribution up and running in a matter of minutes! First up, access the CloudFront option from the AWS Management Console, as shown here:

[Figure: Getting started with distributions]

This will bring up the CloudFront Management dashboard where you will be able to create your distributions as well as perform a wide variety of monitoring and analysis tasks, such as viewing Cache Statistics, Popular Objects based on frequency of requests, Usage, alarms, and so on.

To create your first distribution, select the Create Distribution button. This will bring up a page where you need to select the distribution's delivery method. Currently, CloudFront supports two modes of delivering content; they are as follows:

  • Web: Create a web distribution if you wish to distribute static as well as dynamic content in the form of HTML pages, or even CSS, PHP pages, and static images. Do remember that web distributions serve this content over the HTTP or HTTPS protocols only. You can use either an S3 bucket or even an EC2 instance such as a web server for your web distribution.
  • RTMP: The RTMP distribution is only meant for live streaming data and media files such as videos. This distribution only supports an S3 bucket as the origin server. The following variants of the RTMP protocol are supported by CloudFront:
    • RTMP: Adobe's Real-Time Message Protocol.
    • RTMPT: Adobe streaming tunnel over HTTP.
    • RTMPE: Adobe encrypted.
    • RTMPTE: Adobe encrypted tunnel over HTTP.

For this little demonstration, I'll be using one of the S3 buckets that we created in the previous chapter (Chapter 9, Working with Simple Storage Service). The bucket contains a simple video that I wish to distribute using CloudFront's edge locations, so the obvious choice for the distribution selection in this case will be RTMP. In case you do not have a bucket by now, follow the simple steps outlined in Chapter 9, Working with Simple Storage Service, and create a bucket, upload a video to it, and make sure that the bucket has public permissions provided to it.

Next, fill out the following details to create your very own RTMP distribution:

  • Origin Domain Name: Provide the DNS name of the S3 bucket from which you want CloudFront to get objects for this origin. In my case, the value provided here is master-doggy-12-01-2015.s3.amazonaws.com.
  • Restrict Bucket Access: CloudFront provides an added layer of security with which you can restrict end users to accessing objects using only CloudFront URLs and not Amazon S3 URLs. This particular feature is called an Origin Access Identity (OAI). For now, let's go ahead and use this feature to safeguard our bucket. Select the Yes option, as shown in the following image.
  • Origin Access Identity: Once you have opted to restrict bucket access, the next step involves the creation of an OAI. Select the Create a New Identity option as shown and provide a meaningful name for the new identity in the Comment section as well:
    [Figure: Getting started with distributions]
  • Grant Read Permissions on Bucket: Select the Yes, Update Bucket Policy option to allow CloudFront to automatically grant the OAI the permission to read objects stored in your Amazon S3 bucket. You can choose to update the permissions manually as well.
  • Restrict Viewer Access: Select the Yes option if you want to use a CloudFront-signed URL or signed cookies as a medium to provide access to objects in your Amazon S3 bucket. This is yet another advanced security feature using which you can restrict user access to your buckets. For now, I have selected No as the option here.
  • Price Class: CloudFront provides three basic pricing classes that can help you pay lower prices based on the content you deliver out of CloudFront. The Price Class field comes in three variants: All, which includes all the edge locations present in AWS; Price Class 200, which includes US, Europe, a bit of Southeast Asia, and India; and finally Price Class 300, which only includes edge locations present in US and Europe. Depending on your application's reach, you can select the Price Class as per your requirements. For a complete overview of how CloudFront charges you as well as its Price Class, check http://aws.amazon.com/cloudfront/pricing/.
  • Alternate Domain Names (CNAMES): This is an optional field you can use if you want to replace the CloudFront URL's domain name with something a bit more customized and meaningful, such as your own domain name.
  • Logging: You can enable logging at any time to log information about each request made to an object. Simply select the On option, as shown in the following screenshot, and fill out the Bucket for Logs option as well as Log Prefix values. You can optionally provide a Comment as well if required:
    [Figure: Getting started with distributions]
  • Distribution State: Before you complete the distribution's creation, you need to specify whether you want the distribution to be enabled or disabled after its creation. By selecting the Enabled option, your users can access the CloudFront distribution immediately after its creation, whereas Disabled means that even though the distribution is ready for use, the end users will not be able to use it.

Once your configurations are completed, select the Create Distribution option. The distribution will take a couple of minutes to change from pending state to enabled. Once it's ready, you can use the CloudFront Domain Name to retrieve your objects from the Origin Server:

[Figure: Getting started with distributions]

You can edit your distribution's settings anytime by simply selecting the distribution entry and clicking on Distribution Settings as shown. You can also Disable or Delete your distribution using this dashboard. Follow the same steps and you can also configure a web distribution for your application, so give that a try as well.

CloudFront recommendations and best practices

Here are some key takeaways and best practices to keep in mind when working with CloudFront:

  • Cache at every layer of your application, wherever possible.
  • Use a combination of Amazon S3 and CloudFront to distribute static data. Remember that data transfer between S3 and CloudFront is free!
  • Control access of data on CloudFront and S3. Make use of OAIs to ensure that there are no unwanted content leaks.
  • Don't forward any headers, cookies, or query strings. Use Signed cookies instead of signed URLs.
  • Use Route53 to check the health of your origin servers. In this way, you can configure Route53 to divert all traffic from the failed Origin to the healthy one.
  • Use Price Classes to optimize content delivery costs.
  • Make use of the alarms and notification services using Amazon CloudWatch.
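
The Restrict Bucket Access and Grant Read Permissions on Bucket settings described earlier, and the OAI best practice in the list above, only prevent leaks if the bucket policy has no public read grant left in it. The following Python sketch is an added example, not part of the original text or of any AWS tooling; it audits a bucket policy document offline, and the OAI ID EXAMPLEOAIID, the sample policy and the function names are constructed assumptions.

```python
import json

# Bucket name is the one used on this page; the OAI ID is a constructed placeholder.
BUCKET = "master-doggy-12-01-2015"
OAI_ARN = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EXAMPLEOAIID"
READ_ACTIONS = {"*", "s3:*", "s3:get*", "s3:getobject"}

# Constructed sample: the OAI grant plus a public-read statement left over
# from making the bucket public before the distribution was created.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "OAIRead", "Effect": "Allow", "Principal": {"AWS": "%s"},
   "Action": "s3:GetObject", "Resource": "arn:aws:s3:::%s/*"},
  {"Sid": "LeftoverPublicRead", "Effect": "Allow", "Principal": "*",
   "Action": ["s3:GetObject"], "Resource": "arn:aws:s3:::%s/*"}
]}""" % (OAI_ARN, BUCKET, BUCKET))

def _as_list(value):
    # Policy fields may be a single value or a list of values.
    return value if isinstance(value, list) else [value]

def _principals(stmt):
    principal = stmt.get("Principal", {})
    if isinstance(principal, str):
        return [principal]
    return _as_list(principal.get("AWS", []))

def audit(policy, oai_arn):
    """Return (oai_can_read, Sids of unconditional public-read statements)."""
    oai_ok, public = False, []
    for stmt in _as_list(policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not actions & READ_ACTIONS:
            continue
        who = _principals(stmt)
        oai_ok = oai_ok or oai_arn in who
        # A Condition may narrow a "*" grant; review those by hand.
        if "*" in who and "Condition" not in stmt:
            public.append(stmt.get("Sid", "<no Sid>"))
    return oai_ok, public

def without_statements(policy, sids):
    """Copy of the policy with the named statements removed."""
    kept = [s for s in _as_list(policy["Statement"]) if s.get("Sid") not in sids]
    return {**policy, "Statement": kept}

if __name__ == "__main__":
    ok, leaks = audit(SAMPLE_POLICY, OAI_ARN)
    print("OAI can read:", ok, "| public-read statements:", leaks)
    print("after cleanup:", audit(without_statements(SAMPLE_POLICY, leaks), OAI_ARN))
```

The check covers the bucket policy only; object and bucket ACLs that grant public read are outside what it inspects.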