Advertisement · 728 × 90
#
Hashtag
#AmazonCloudFront
Advertisement · 728 × 90
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
1 month ago
Amazon CloudFront announces mutual TLS support for origins Amazon CloudFront announces support for mutual TLS authentication (mTLS) for origins, a security protocol that enables customers to verify that requests to their origin servers come only from their authorized CloudFront distributions using TLS certificates. This certificate-based authentication provides cryptographic verification of CloudFront's identity, eliminating the need for customers to manage custom security controls. Previously, verifying that requests came from CloudFront distributions required customers to build and maintain custom authentication solutions like shared secret headers or IP allow-lists, particularly for public or externally hosted origins. These approaches required ongoing operational overhead to rotate secrets, update allow-lists, and maintain custom code. Now with origin mTLS support, customers can implement a standardized, certificate-based authentication approach that eliminates this operational burden. This enables organizations to enforce strict authentication for their proprietary content, ensuring that only verified CloudFront distributions can establish connections to backend infrastructure ranging from AWS origins and on-premises servers to third-party cloud providers and external CDNs. Customers can leverage client certificates issued by https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html or third-party private Certificate Authorities, which they import through https://aws.amazon.com/certificate-manager/. Customers can configure origin mTLS using the AWS Management Console, CLI, SDK, CDK, or CloudFormation. Origin mTLS is supported for all origins that support mutual TLS on AWS such as Application Load Balancer and API Gateway, as well as on-premises and custom origins. There is no additional charge for origin mTLS. Origin mTLS is also available in the Business and Premium flat-rate pricing plans. For detailed implementation guidance and best practices, visit the CloudFront origin https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-mtls-authentication.html.

Amazon CloudFront announces mutual TLS support for origins

Amazon CloudFront announces support for mutual TLS authentication (mTLS) for origins, a security protocol that enables customers to verify that requests to their origin servers come only from their authorized Cl...

#AWS #AmazonCloudfront

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
1 month ago
Preview
Amazon CloudFront announces mutual TLS support for origins Amazon CloudFront announces support for mutual TLS authentication (mTLS) for origins, a security protocol that enables customers to verify that requests to their origin servers come only from their authorized CloudFront distributions using TLS certificates. This certificate-based authentication provides cryptographic verification of CloudFront's identity, eliminating the need for customers to manage custom security controls. Previously, verifying that requests came from CloudFront distributions required customers to build and maintain custom authentication solutions like shared secret headers or IP allow-lists, particularly for public or externally hosted origins. These approaches required ongoing operational overhead to rotate secrets, update allow-lists, and maintain custom code. Now with origin mTLS support, customers can implement a standardized, certificate-based authentication approach that eliminates this operational burden. This enables organizations to enforce strict authentication for their proprietary content, ensuring that only verified CloudFront distributions can establish connections to backend infrastructure ranging from AWS origins and on-premises servers to third-party cloud providers and external CDNs. Customers can leverage client certificates issued by AWS Private Certificate Authority or third-party private Certificate Authorities, which they import through AWS Certificate Manager. Customers can configure origin mTLS using the AWS Management Console, CLI, SDK, CDK, or CloudFormation. Origin mTLS is supported for all origins that support mutual TLS on AWS such as Application Load Balancer and API Gateway, as well as on-premises and custom origins. There is no additional charge for origin mTLS. Origin mTLS is also available in the Business and Premium flat-rate pricing plans. For detailed implementation guidance and best practices, visit the CloudFront origin mutual TLS documentation.

🆕 Amazon CloudFront now supports mutual TLS for origins, securing requests with TLS certificates, cutting custom controls and overhead. No extra cost; available in Business and Premium plans.

#AWS #AmazonCloudfront

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon CloudFront announces support for mutual TLS authentication Amazon CloudFront announces support for mutual TLS Authentication (mTLS), a security protocol that requires both the server and client to authenticate each other using X.509 certificates, enabling customers to validate client identities at CloudFront's edge locations. Customers can now ensure only clients presenting trusted certificates can access their distributions, helping protect against unauthorized access and security threats. Previously, customers had to spend ongoing effort implementing and maintaining their own client access management solutions, leading to undifferentiated heavy lifting. Now with the support for mutual TLS, customers can easily validate client identities at the AWS edge before connections are established with their application servers or APIs. Example use cases include B2B secure API integrations for enterprises and client authentication for IoT. For B2B API security, enterprises can authenticate API requests from trusted third parties and partners using mutual TLS. For IoT use cases, enterprises can validate that devices are authorized to receive proprietary content such as firmware updates. Customers can leverage their existing third-party Certificate Authorities or https://docs.aws.amazon.com/privateca/latest/userguide/PcaWelcome.html to sign the X.509 certificates. With Mutual TLS, customers get the performance and scale benefits of CloudFront for workloads that require client authentication. Mutual TLS authentication is available to all CloudFront customers at no additional cost. Customers can configure mutual TLS with CloudFront using the AWS Management Console, CLI, SDK, CDK, and CloudFormation. For detailed implementation guidance and best practices, visit https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/mtls-authentication.html.

Amazon CloudFront announces support for mutual TLS authentication

Amazon CloudFront announces support for mutual TLS Authentication (mTLS), a security protocol that requires both the server and client to authenticate each other using X.509 certificates, enabling custome...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon CloudFront announces support for mutual TLS authentication Amazon CloudFront announces support for mutual TLS Authentication (mTLS), a security protocol that requires both the server and client to authenticate each other using X.509 certificates, enabling customers to validate client identities at CloudFront's edge locations. Customers can now ensure only clients presenting trusted certificates can access their distributions, helping protect against unauthorized access and security threats. Previously, customers had to spend ongoing effort implementing and maintaining their own client access management solutions, leading to undifferentiated heavy lifting. Now with the support for mutual TLS, customers can easily validate client identities at the AWS edge before connections are established with their application servers or APIs. Example use cases include B2B secure API integrations for enterprises and client authentication for IoT. For B2B API security, enterprises can authenticate API requests from trusted third parties and partners using mutual TLS. For IoT use cases, enterprises can validate that devices are authorized to receive proprietary content such as firmware updates. Customers can leverage their existing third-party Certificate Authorities or AWS Private Certificate Authority to sign the X.509 certificates. With Mutual TLS, customers get the performance and scale benefits of CloudFront for workloads that require client authentication. Mutual TLS authentication is available to all CloudFront customers at no additional cost. Customers can configure mutual TLS with CloudFront using the AWS Management Console, CLI, SDK, CDK, and CloudFormation. For detailed implementation guidance and best practices, visit CloudFront Mutual TLS (viewer) documentation.

🆕 Amazon CloudFront now supports mTLS for secure client auth at edge, enabling trusted access control for B2B APIs and IoT. Configure via console, CLI, SDK, CDK, and CloudFormation, no extra cost.

#AWS #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon CloudFront integrates with VPC IPAM to support BYOIP Amazon CloudFront now supports bringing your own IP addresses (BYOIP) for Anycast Static IPs via VPC IP Address Manager (IPAM). This capability enables network administrators to use their own public IPv4 address pools with CloudFront distributions, simplifying IP address management across AWS's global infrastructure. CloudFront typically uses rotating IP addresses to serve traffic. CloudFront Anycast Static IPs enables customers to provide a dedicated list of IP addresses to partners and customers, enhancing security and simplifying network management. Previously, customers implementing Anycast Static IPs received AWS-provided static IP addresses for their workloads. With IPAM's unified interface, customers can now create dedicated IP address pools using BYOIP and assign them to CloudFront Anycast Static IP lists. Customers do not need to change the existing IP address space for their applications when they migrate to CloudFront, thus maintaining existing allow-lists and branding. The feature is available within Amazon VPC IPAM in all commercial AWS Regions, excluding the AWS GovCloud (US) Regions, and China (Beijing, operated by Sinnet) and China (Ningxia, operated by NWCD). To learn more about CloudFront BYOIP feature, view the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/bring-your-own-ip-address-using-ipam.html. For details on pricing, refer to the IPAM tab on the https://aws.amazon.com/vpc/pricing/.

Amazon CloudFront integrates with VPC IPAM to support BYOIP

Amazon CloudFront now supports bringing your own IP addresses (BYOIP) for Anycast Static IPs via VPC IP Address Manager (IPAM). This capability enables network administrators to use their own public ...

#AWS #AmazonVpc #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon CloudFront integrates with VPC IPAM to support BYOIP Amazon CloudFront now supports bringing your own IP addresses (BYOIP) for Anycast Static IPs via VPC IP Address Manager (IPAM). This capability enables network administrators to use their own public IPv4 address pools with CloudFront distributions, simplifying IP address management across AWS's global infrastructure. CloudFront typically uses rotating IP addresses to serve traffic. CloudFront Anycast Static IPs enables customers to provide a dedicated list of IP addresses to partners and customers, enhancing security and simplifying network management. Previously, customers implementing Anycast Static IPs received AWS-provided static IP addresses for their workloads. With IPAM's unified interface, customers can now create dedicated IP address pools using BYOIP and assign them to CloudFront Anycast Static IP lists. Customers do not need to change the existing IP address space for their applications when they migrate to CloudFront, thus maintaining existing allow-lists and branding. The feature is available within Amazon VPC IPAM in all commercial AWS Regions, excluding the AWS GovCloud (US) Regions, and China (Beijing, operated by Sinnet) and China (Ningxia, operated by NWCD). To learn more about CloudFront BYOIP feature, view the BYOIP CloudFront documentation. For details on pricing, refer to the IPAM tab on the Amazon VPC Pricing Page.

🆕 Amazon CloudFront supports BYOIP for Anycast Static IPs via VPC IPAM, letting customers use their own IPv4 pools, simplifying IP management, and keeping existing allow-lists. Available in most commercial regions except AWS GovCloud and China.

#AWS #AmazonVpc #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon CloudFront announces 3 new CloudFront Functions capabilities Amazon CloudFront now supports three new capabilities for CloudFront Functions: edge location and Regional Edge Cache (REC) metadata, raw query string retrieval, and advanced origin overrides. Developers can now build more sophisticated edge computing logic with greater visibility into CloudFront's infrastructure and precise, granular control over origin connections. CloudFront Functions allows you to run lightweight JavaScript code at CloudFront edge locations to customize content delivery and implement security policies with sub-millisecond execution times. Edge location metadata, includes the three-letter airport code of the serving edge location and the expected REC. This enables geo-specific content routing or compliance requirements, such as directing European users to GDPR-compliant origins based on client location. The raw query string capability provides access to the complete, unprocessed query string as received from the viewer, preserving special characters and encoding that may be altered during standard parsing. Advanced origin overrides solve critical challenges for complex application infrastructures by allowing you to customize SSL/TLS handshake parameters, including Server Name Indication (SNI). For example, multi-tenant setups may override SNI where CloudFront connects through CNAME chains that resolve to servers with different certificate domains. These new CloudFront Functions capabilities are available at no additional charge in all CloudFront edge location. To learn more about CloudFront Functions, see the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.html.

Amazon CloudFront announces 3 new CloudFront Functions capabilities

Amazon CloudFront now supports three new capabilities for CloudFront Functions: edge location and Regional Edge Cache (REC) metadata, raw query string retrieval, and advanced origin overrides. Developer...

#AWS #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon CloudFront now supports CBOR Web Tokens and Common Access Tokens Amazon CloudFront now supports https://datatracker.ietf.org/doc/html/rfc8392 and Common Access Tokens (CAT), enabling secure token-based authentication and authorization with CloudFront Functions at CloudFront edge locations. CWT provides a compact, binary alternative to JSON Web Tokens (JWT) using https://datatracker.ietf.org/doc/html/rfc8949 encoding, while CAT extends CWT with additional fine grained access control including URL patterns, IP restrictions, and HTTP method limitations. Both token types use https://datatracker.ietf.org/doc/html/rfc8152 for enhanced security and allow developers to implement lightweight, high-performance authentication mechanisms directly at the edge with sub-millisecond execution times. CWT and CAT are ideal for performance critical applications such as live video streaming platforms that need to validate viewer access tokens millions of times per second, or IoT applications where bandwidth efficiency is crucial. These tokens also provide a single, standardized method for content authentication across multi-CDN deployments, simplifying security management and preventing the need for unique configurations for each CDN provider. For example, a media company can use CAT to create tokens that restrict access to specific video content based on subscription tiers, geographic location, and device types, all validated consistently across CloudFront and other CDN providers without requiring application network calls. With CWT and CAT support, you can validate incoming tokens, generate new tokens, and implement token refresh logic within CloudFront Functions. The feature integrates seamlessly with CloudFront Functions KeyValueStore for secure key management. CWT and CAT support for CloudFront Functions is available at no additional charge in all CloudFront edge locations. To learn more about CloudFront Functions CBOR Web Token support, see the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cwt-support-cloudfront-functions.html.

Amazon CloudFront now supports CBOR Web Tokens and Common Access Tokens

Amazon CloudFront now supports https://datatracker.ietf.org/doc/html/rfc8392 and Common Access Tokens (CAT), enabling secure token-based authentication and authorization with CloudFront Functions at...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon CloudFront announces 3 new CloudFront Functions capabilities Amazon CloudFront now supports three new capabilities for CloudFront Functions: edge location and Regional Edge Cache (REC) metadata, raw query string retrieval, and advanced origin overrides. Developers can now build more sophisticated edge computing logic with greater visibility into CloudFront's infrastructure and precise, granular control over origin connections. CloudFront Functions allows you to run lightweight JavaScript code at CloudFront edge locations to customize content delivery and implement security policies with sub-millisecond execution times. Edge location metadata, includes the three-letter airport code of the serving edge location and the expected REC. This enables geo-specific content routing or compliance requirements, such as directing European users to GDPR-compliant origins based on client location. The raw query string capability provides access to the complete, unprocessed query string as received from the viewer, preserving special characters and encoding that may be altered during standard parsing. Advanced origin overrides solve critical challenges for complex application infrastructures by allowing you to customize SSL/TLS handshake parameters, including Server Name Indication (SNI). For example, multi-tenant setups may override SNI where CloudFront connects through CNAME chains that resolve to servers with different certificate domains. These new CloudFront Functions capabilities are available at no additional charge in all CloudFront edge location. To learn more about CloudFront Functions, see the Amazon CloudFront Developer Guide.

🆕 Amazon CloudFront adds three new CloudFront Functions features: edge location metadata, raw query string, and advanced origin overrides. These enhance edge computing, geo-specific routing, and SSL/TLS customization, all at no extra cost.

#AWS #AmazonCloudfront

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon CloudFront now supports CBOR Web Tokens and Common Access Tokens Amazon CloudFront now supports CBOR Web Tokens (CWT) and Common Access Tokens (CAT), enabling secure token-based authentication and authorization with CloudFront Functions at CloudFront edge locations. CWT provides a compact, binary alternative to JSON Web Tokens (JWT) using Concise Binary Object Representation (CBOR) encoding, while CAT extends CWT with additional fine grained access control including URL patterns, IP restrictions, and HTTP method limitations. Both token types use CBOR Object Signing and Encryption (COSE) for enhanced security and allow developers to implement lightweight, high-performance authentication mechanisms directly at the edge with sub-millisecond execution times. CWT and CAT are ideal for performance critical applications such as live video streaming platforms that need to validate viewer access tokens millions of times per second, or IoT applications where bandwidth efficiency is crucial. These tokens also provide a single, standardized method for content authentication across multi-CDN deployments, simplifying security management and preventing the need for unique configurations for each CDN provider. For example, a media company can use CAT to create tokens that restrict access to specific video content based on subscription tiers, geographic location, and device types, all validated consistently across CloudFront and other CDN providers without requiring application network calls. With CWT and CAT support, you can validate incoming tokens, generate new tokens, and implement token refresh logic within CloudFront Functions. The feature integrates seamlessly with CloudFront Functions KeyValueStore for secure key management. CWT and CAT support for CloudFront Functions is available at no additional charge in all CloudFront edge locations. To learn more about CloudFront Functions CBOR Web Token support, see the Amazon CloudFront Developer Guide.

🆕 Amazon CloudFront now supports CBOR Web Tokens and Common Access Tokens for secure, lightweight edge-based authentication, enhancing performance for critical applications like live streaming and IoT, with no additional charge.

#AWS #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon CloudFront now supports TLS 1.3 for origin connections Amazon CloudFront now supports TLS 1.3 when connecting to your origins, providing enhanced security and improved performance for origin communications. This upgrade offers stronger encryption algorithms, reduced handshake latency, and better overall security posture for data transmission between CloudFront edge locations and your origin servers. TLS 1.3 support is automatically enabled for all origin types, including custom origins, Amazon S3, and Application Load Balancers, with no configuration changes required on your part. TLS 1.3 provides faster connection establishment through a reduced number of round trips during the handshake process, delivering up to 30% improvement in connection performance when your origin supports it. CloudFront will automatically negotiate TLS 1.3 when your origin supports it, while maintaining backward compatibility with lower TLS versions for origins that haven't yet upgraded. This enhancement benefits applications requiring high security standards, such as financial services, healthcare, and e-commerce platforms that handle sensitive data. TLS 1.3 support for origin connections is available at no additional charge in all CloudFront edge locations. To learn more about CloudFront origin TLS, see the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-ciphers-cloudfront-to-origin.html.

Amazon CloudFront now supports TLS 1.3 for origin connections

Amazon CloudFront now supports TLS 1.3 when connecting to your origins, providing enhanced security and improved performance for origin communications. This upgrade offers stronger encryption algorithms, redu...

#AWS #AmazonCloudfront

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon CloudFront now supports TLS 1.3 for origin connections Amazon CloudFront now supports TLS 1.3 when connecting to your origins, providing enhanced security and improved performance for origin communications. This upgrade offers stronger encryption algorithms, reduced handshake latency, and better overall security posture for data transmission between CloudFront edge locations and your origin servers. TLS 1.3 support is automatically enabled for all origin types, including custom origins, Amazon S3, and Application Load Balancers, with no configuration changes required on your part. TLS 1.3 provides faster connection establishment through a reduced number of round trips during the handshake process, delivering up to 30% improvement in connection performance when your origin supports it. CloudFront will automatically negotiate TLS 1.3 when your origin supports it, while maintaining backward compatibility with lower TLS versions for origins that haven't yet upgraded. This enhancement benefits applications requiring high security standards, such as financial services, healthcare, and e-commerce platforms that handle sensitive data. TLS 1.3 support for origin connections is available at no additional charge in all CloudFront edge locations. To learn more about CloudFront origin TLS, see the Amazon CloudFront Developer Guide.

🆕 Amazon CloudFront now supports TLS 1.3 for origin connections, enhancing security and performance with stronger encryption, reduced latency, and automatic negotiation for faster connections, benefiting secure applications at no extra cost.

#AWS #AmazonCloudfront

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
AWS announces flat-rate pricing plans for website delivery and security Amazon Web Services (AWS) is launching flat-rate pricing plans with no overages for website delivery and security. The flat-rate plans, available with Amazon CloudFront, combine global content delivery with AWS WAF, DDoS protection, Amazon Route 53 DNS, Amazon CloudWatch Logs ingestion, and serverless edge compute into a simple monthly price with no overage charges. Each plan also includes monthly Amazon S3 storage credits to help offset your storage costs. CloudFront flat-rate plans allow you to deliver your websites and applications without calculating costs across multiple AWS services. You won’t face the risk of overage charges, even if your website or application goes viral or faces a DDoS attack. Security features like WAF and DDoS protection are enabled by default, and additional configurations are simple to set up. When you serve your AWS applications through CloudFront instead of directly to the internet, your flat-rate plan covers the data transfer costs between your applications and your viewers for a simple monthly price without the worry of overages. This simplified pricing model is available alongside pay-as-you-go pricing for each CloudFront distribution, giving you the flexibility to choose the right pricing model and feature set for each application. Plans are available in Free ($0/month), Pro ($15/month), Business ($200/month), and Premium ($1,000/month) tiers for new and existing CloudFront distributions. Select the plan tier with the features and usage allowances matching your application’s needs. To learn more, refer to the https://aws.amazon.com/blogs/networking-and-content-delivery/introducing-flat-rate-pricing-plans-with-no-overages/, https://aws.amazon.com/cloudfront/pricing/, or https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/flat-rate-pricing-plan.html. To get started, visit the https://us-east-1.console.aws.amazon.com/cloudfront/v4/home?region=us-east-1#/distributions.

AWS announces flat-rate pricing plans for website delivery and security

Amazon Web Services (AWS) is launching flat-rate pricing plans with no overages for website delivery and security. The flat-rate plans, available with Amazon CloudFront, co...

#AWS #AwsWaf #AmazonCloudwatch #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
AWS announces flat-rate pricing plans for website delivery and security Amazon Web Services (AWS) is launching flat-rate pricing plans with no overages for website delivery and security. The flat-rate plans, available with Amazon CloudFront, combine global content delivery with AWS WAF, DDoS protection, Amazon Route 53 DNS, Amazon CloudWatch Logs ingestion, and serverless edge compute into a simple monthly price with no overage charges. Each plan also includes monthly Amazon S3 storage credits to help offset your storage costs. CloudFront flat-rate plans allow you to deliver your websites and applications without calculating costs across multiple AWS services. You won’t face the risk of overage charges, even if your website or application goes viral or faces a DDoS attack. Security features like WAF and DDoS protection are enabled by default, and additional configurations are simple to set up. When you serve your AWS applications through CloudFront instead of directly to the internet, your flat-rate plan covers the data transfer costs between your applications and your viewers for a simple monthly price without the worry of overages. This simplified pricing model is available alongside pay-as-you-go pricing for each CloudFront distribution, giving you the flexibility to choose the right pricing model and feature set for each application. Plans are available in Free ($0/month), Pro ($15/month), Business ($200/month), and Premium ($1,000/month) tiers for new and existing CloudFront distributions. Select the plan tier with the features and usage allowances matching your application’s needs. To learn more, refer to the Launch Blog, Plans and Pricing, or CloudFront Developer Guide. To get started, visit the CloudFront console.

🆕 AWS introduces flat-rate pricing for CloudFront, bundling global delivery, WAF, DDoS protection, etc., in four tiers: Free, Pro, Business, and Premium, with no overage charges.

#AWS #AwsWaf #AmazonCloudwatch #AmazonCloudfront

2 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon CloudFront announces cross-account support for VPC origins Amazon CloudFront announces cross-account support for Virtual Private Cloud (VPC) origins, enabling customers to access VPC origins that reside in different AWS accounts from their CloudFront distributions. With VPC origins, customers can have their Application Load Balancers (ALB), Network Load Balancers (NLB), and EC2 Instances in a private subnet that is accessible only through their CloudFront distributions. With the support for cross-account VPC origins in CloudFront, customers can now leverage the security benefits of VPC origins while maintaining their existing multi-account architecture. Customers set up multiple AWS accounts for better security isolation, cost management, and compliance. Previously, customers could access origins in private VPCs from CloudFront only if CloudFront and the origin were in the same AWS account. This meant customers who had their origins in multiple AWS accounts, had to keep their accounts in public subnets to get the scale and performance benefits of CloudFront. Customers then had to maintain additional security controls, such as access control lists (ACL), at both the edge and within regions, rather than benefiting from the inherent security of VPC origins. Now, customers can use https://aws.amazon.com/ram/ to allow CloudFront access to origins in private VPCs in different AWS accounts, both within and outside their AWS Organizations and organizational units (OUs). This streamlines security management and reduces operational complexity, making it easy to use CloudFront as the single front door for applications. VPC origins is available in AWS Commercial Regions only, and the full list of supported AWS Regions is available https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-vpc-origins.html#vpc-origins-supported-regions. There is no additional cost for using cross-account VPC origins with CloudFront. To learn more about implementing cross-account VPC origins and best practices for multi-account architectures, visit https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-vpc-origins.html

Amazon CloudFront announces cross-account support for VPC origins

Amazon CloudFront announces cross-account support for Virtual Private Cloud (VPC) origins, enabling customers to access VPC origins that reside in different AWS accounts from their CloudFront distribution...

#AWS #AmazonCloudfront

0 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon CloudFront announces cross-account support for VPC origins Amazon CloudFront announces cross-account support for Virtual Private Cloud (VPC) origins, enabling customers to access VPC origins that reside in different AWS accounts from their CloudFront distributions. With VPC origins, customers can have their Application Load Balancers (ALB), Network Load Balancers (NLB), and EC2 Instances in a private subnet that is accessible only through their CloudFront distributions. With the support for cross-account VPC origins in CloudFront, customers can now leverage the security benefits of VPC origins while maintaining their existing multi-account architecture. Customers set up multiple AWS accounts for better security isolation, cost management, and compliance. Previously, customers could access origins in private VPCs from CloudFront only if CloudFront and the origin were in the same AWS account. This meant customers who had their origins in multiple AWS accounts, had to keep their accounts in public subnets to get the scale and performance benefits of CloudFront. Customers then had to maintain additional security controls, such as access control lists (ACL), at both the edge and within regions, rather than benefiting from the inherent security of VPC origins. Now, customers can use AWS Resource Access Manager (RAM) to allow CloudFront access to origins in private VPCs in different AWS accounts, both within and outside their AWS Organizations and organizational units (OUs). This streamlines security management and reduces operational complexity, making it easy to use CloudFront as the single front door for applications. VPC origins is available in AWS Commercial Regions only, and the full list of supported AWS Regions is available here. There is no additional cost for using cross-account VPC origins with CloudFront. To learn more about implementing cross-account VPC origins and best practices for multi-account architectures, visit CloudFront VPC origins.

🆕 Amazon CloudFront now supports cross-account VPC origins, allowing secure access to private VPC resources in different AWS accounts, enhancing security and simplifying multi-account architecture management without additional costs.

#AWS #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
4 months ago
Amazon Cloudfront adds IPv6 support for Anycast Static IPs Amazon CloudFront now supports both IPv4 and IPv6 addresses for Anycast Static IP configurations. Previously, this feature was limited to IPv4 addresses only. This update now provides customers with ability to have both IPv4 and IPv6 addresses when using CloudFront Anycast Static IP addresses. Previously, customers could only use IPv4 addresses when using CloudFront Anycast static IP addresses. With this launch, customers using CloudFront Anycast Static IP addresses receive both IPv4 and IPv6 addresses for their workloads. This dual-stack support allows customers to meet IPv6 compliance requirements, future-proof their infrastructure, and serve end users on IPv6-only networks. CloudFront supports IPv6 for Anycast Static IPs from all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. Learn more about Anycast Static IPs https://aws.amazon.com/blogs/networking-and-content-delivery/zero-rating-and-ip-address-management-made-easy-cloudfronts-new-anycast-static-ips-explained/ and for more information, please refer to the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/request-static-ips.html. For pricing, please see https://aws.amazon.com/cloudfront/pricing/.

Amazon Cloudfront adds IPv6 support for Anycast Static IPs

Amazon CloudFront now supports both IPv4 and IPv6 addresses for Anycast Static IP configurations. Previously, this feature was limited to IPv4 addresses only. This update now provides customers with ability to h...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
4 months ago
Preview
Amazon Cloudfront adds IPv6 support for Anycast Static IPs Amazon CloudFront now supports both IPv4 and IPv6 addresses for Anycast Static IP configurations. Previously, this feature was limited to IPv4 addresses only. This update now provides customers with ability to have both IPv4 and IPv6 addresses when using CloudFront Anycast Static IP addresses. Previously, customers could only use IPv4 addresses when using CloudFront Anycast static IP addresses. With this launch, customers using CloudFront Anycast Static IP addresses receive both IPv4 and IPv6 addresses for their workloads. This dual-stack support allows customers to meet IPv6 compliance requirements, future-proof their infrastructure, and serve end users on IPv6-only networks. CloudFront supports IPv6 for Anycast Static IPs from all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. Learn more about Anycast Static IPs here and for more information, please refer to the Amazon CloudFront Developer Guide. For pricing, please see CloudFront Pricing.

🆕 Amazon CloudFront now supports IPv6 for Anycast Static IPs, offering both IPv4 and IPv6 addresses globally, excluding AWS China regions. This update helps meet IPv6 compliance and future-proofs infrastructure.

#AWS #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
5 months ago
AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025) Last week, Strands Agents, AWS open source for agentic AI SDK just hit 1 million downloads and earned 3,000+ GitHub Stars less than 4 months since launching as a preview in May 2025. With Strands Agents, you can build production-ready, multi-agent AI systems in a few lines of code. We’ve continuously improved features including support […]

AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025)

Last week, Strands Agen...

#AWS #AmazonCloudfront #AmazonEc2MacInstances #AwsCloudDevelopmentKit #AwsCloudtrail #AwsLambda #AwsTrainium #News #OpenSource #Startup #WeekInReview

2 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
6 months ago
AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025) Last week, Strands Agents, AWS open source for agentic AI SDK just hit 1 million downloads and earned 3,000+ GitHub Stars less than 4 months since launching as a preview in May 2025. With Strands Agents, you can build production-ready, multi-agent AI systems in a few lines of code. We’ve continuously improved features including support […]

AWS Weekly Roundup: Strands Agents 1M+ downloads, Cloud Club Captain, AI Agent Hackathon, and more (September 15, 2025)

Last week, Strands Agen...

#AWS #AmazonCloudfront #AmazonEc2MacInstances #AwsCloudDevelopmentKit #AwsCloudtrail #AwsLambda #AwsTrainium #News #OpenSource #Startup #WeekInReview

2 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
6 months ago
Amazon CloudFront adds ECDSA support for signed URLs Amazon CloudFront now supports Elliptic Curve Digital Signature Algorithm (ECDSA) for signed URLs and signed cookies, providing customers with enhanced performance and security for content access control. This addition gives customers the flexibility to choose between RSA and ECDSA cryptographic algorithms based on their specific security and performance requirements. Previously, CloudFront only supported RSA based encryption algorithms to create signed tokens. ECDSA offers several advantages over traditional RSA signatures, including faster signature generation and verification, smaller signature sizes that result in shorter URLs, and equivalent security with smaller key sizes. This makes ECDSA signed URLs and signed cookies particularly beneficial for high-volume applications, mobile environments, and IoT devices where processing efficiency and bandwidth optimization are critical. ECDSA support with signed URLs and signed cookies is available in all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. There is no additional charge to utilize this feature. To learn more about restricting content delivered with Amazon CloudFront, visit the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html#private-content-how-signed-urls-work 

Amazon CloudFront adds ECDSA support for signed URLs

Amazon CloudFront now supports Elliptic Curve Digital Signature Algorithm (ECDSA) for signed URLs and signed cookies, providing customers with enhanced performance and security for content access control. This additio...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
6 months ago
Preview
Amazon CloudFront adds ECDSA support for signed URLs Amazon CloudFront now supports Elliptic Curve Digital Signature Algorithm (ECDSA) for signed URLs and signed cookies, providing customers with enhanced performance and security for content access control. This addition gives customers the flexibility to choose between RSA and ECDSA cryptographic algorithms based on their specific security and performance requirements. Previously, CloudFront only supported RSA based encryption algorithms to create signed tokens. ECDSA offers several advantages over traditional RSA signatures, including faster signature generation and verification, smaller signature sizes that result in shorter URLs, and equivalent security with smaller key sizes. This makes ECDSA signed URLs and signed cookies particularly beneficial for high-volume applications, mobile environments, and IoT devices where processing efficiency and bandwidth optimization are critical. ECDSA support with signed URLs and signed cookies is available in all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. There is no additional charge to utilize this feature. To learn more about restricting content delivered with Amazon CloudFront, visit the CloudFront documentation.

🆕 Amazon CloudFront now supports ECDSA for signed URLs, offering faster, smaller, and more secure content access control compared to RSA, with no extra charge. Available globally except AWS China regions.

#AWS #AmazonCloudfront

1 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
6 months ago
Amazon CloudFront announces support for IPv6 origins Amazon CloudFront expands its IPv6 capabilities by introducing support for IPv6 connectivity to origin servers, allowing customers to implement end-to-end IPv6 content delivery for their web applications. Support for IPv6 origins enables customers to send IPv6 traffic all the way to their origins, allowing them to meet their architectural and regulatory requirements for IPv6 adoption. End-to-end IPv6 support improves network performance for end users connecting over IPv6 networks, and also removes concerns for IPv4 address exhaustion for origin infrastructure. Previously, CloudFront only supported IPv4 connectivity to origins, despite accepting IPv6 connections from end users. Customers using CloudFront can configure their custom origins to use IPv4-only (default), IPv6-only, or dual-stack connectivity. When using dual-stack, CloudFront will automatically choose between IPv4 and IPv6 addresses to ensure even distribution of traffic towards origin over both. Customers can configure IPv6 origins in all supported AWS Commercial Regions. Customers can configure IPv6-only or dual-stack origins with CloudFront, excluding Amazon S3 and VPC origins. To learn more IPv6 support with CloudFront, visit the https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-enable-ipv6.html

Amazon CloudFront announces support for IPv6 origins

Amazon CloudFront expands its IPv6 capabilities by introducing support for IPv6 connectivity to origin servers, allowing customers to implement end-to-end IPv6 content delivery for their web applications. Support for ...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
6 months ago
Preview
Amazon CloudFront announces support for IPv6 origins Amazon CloudFront expands its IPv6 capabilities by introducing support for IPv6 connectivity to origin servers, allowing customers to implement end-to-end IPv6 content delivery for their web applications. Support for IPv6 origins enables customers to send IPv6 traffic all the way to their origins, allowing them to meet their architectural and regulatory requirements for IPv6 adoption. End-to-end IPv6 support improves network performance for end users connecting over IPv6 networks, and also removes concerns for IPv4 address exhaustion for origin infrastructure. Previously, CloudFront only supported IPv4 connectivity to origins, despite accepting IPv6 connections from end users. Customers using CloudFront can configure their custom origins to use IPv4-only (default), IPv6-only, or dual-stack connectivity. When using dual-stack, CloudFront will automatically choose between IPv4 and IPv6 addresses to ensure even distribution of traffic towards origin over both. Customers can configure IPv6 origins in all supported AWS Commercial Regions. Customers can configure IPv6-only or dual-stack origins with CloudFront, excluding Amazon S3 and VPC origins. To learn more IPv6 support with CloudFront, visit the CloudFront documentation.

🆕 Amazon CloudFront now supports IPv6 origins, enabling end-to-end IPv6 delivery for web apps, improving network performance, and addressing IPv4 exhaustion. Customers can configure IPv6-only or dual-stack origins in all AWS regions except Amazon S3 and VPC origins.

#AWS #AmazonCloudfront

2 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
6 months ago
Amazon CloudFront launches TLS security policy with post-quantum support Amazon CloudFront announces support for hybrid post-quantum key establishment across all existing Transport Layer Security (TLS) security policies, providing enhanced protection against future quantum computing threats for client-to-edge connections. Additionally, CloudFront launched a new TLS 1.3 only security policy that enhances TLS options between viewers and edge locations. These updates allow customers to leverage quantum-resistant encryption while having more flexibility in configuring their CloudFront distributions to meet specific security and compliance requirements. The post-quantum cryptography (PQC) capabilities are automatically enabled for client-to-edge connections, providing future-proof encryption that ensures long-term data security and regulatory compliance readiness. PQC support is available on all existing security policies by default, requiring no customer configuration. The new TLS1.3_2025 policy, which supports TLS 1.3 only, enables customers to leverage the latest TLS protocol, which provides improved security and performance compared to earlier TLS versions. This is particularly useful for organizations that enforce using the most up-to-date security standards. These PQC capabilities and new security policy are available in all CloudFront edge locations. There are no additional charges for using PQC or the TLS1.3_2025 policy. To learn more about Post Quantum Cryptography and this new TLS policy and how to implement them in your CloudFront distributions, visit the CloudFront documentation. https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html.

Amazon CloudFront launches TLS security policy with post-quantum support

Amazon CloudFront announces support for hybrid post-quantum key establishment across all existing Transport Layer Security (TLS) security policies, providing enhanced protection against future quan...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
6 months ago
Preview
Amazon CloudFront launches TLS security policy with post-quantum support Amazon CloudFront announces support for hybrid post-quantum key establishment across all existing Transport Layer Security (TLS) security policies, providing enhanced protection against future quantum computing threats for client-to-edge connections. Additionally, CloudFront launched a new TLS 1.3 only security policy that enhances TLS options between viewers and edge locations. These updates allow customers to leverage quantum-resistant encryption while having more flexibility in configuring their CloudFront distributions to meet specific security and compliance requirements. The post-quantum cryptography (PQC) capabilities are automatically enabled for client-to-edge connections, providing future-proof encryption that ensures long-term data security and regulatory compliance readiness. PQC support is available on all existing security policies by default, requiring no customer configuration. The new TLS1.3_2025 policy, which supports TLS 1.3 only, enables customers to leverage the latest TLS protocol, which provides improved security and performance compared to earlier TLS versions. This is particularly useful for organizations that enforce using the most up-to-date security standards. These PQC capabilities and new security policy are available in all CloudFront edge locations. There are no additional charges for using PQC or the TLS1.3_2025 policy. To learn more about Post Quantum Cryptography and this new TLS policy and how to implement them in your CloudFront distributions, visit the CloudFront documentation. CloudFront documentation.

🆕 Amazon CloudFront adds post-quantum security to all TLS policies and launches a new TLS 1.3-only policy for enhanced protection against quantum threats, with no extra charges. PQC enabled by default for client-to-edge connections.

#AWS #AmazonCloudfront

1 0 0 0
Nathan Hubbard
Nathan Hubbard
@n8foo.macaw.social.ap.brid.gy
7 months ago

Coworker said "CloudRunt" on accident and that is the new name forever. #AmazonCloudfront #cloudfront

0 0 0 0
AWS News(Unofficial)
AWS News(Unofficial)
@awsnews.bsky.social
8 months ago
Amazon CloudFront announces support for HTTPS DNS records Today, Amazon CloudFront announces support for HTTPS resource records in Amazon Route 53.HTTPS resource records allow domain name systems (DNS) such as Amazon Route 53 to provide additional information such as supported HTTP protocol versions and port numbers before the HTTP connection is attempted. This helps clients establish the initial connection using their preferred HTTP protocol to improve application performance and security. By using the HTTPS DNS records during DNS lookup, clients can discover the CloudFront capabilities that boost application performance and security. For example, clients can identify if HTTP/3 is enabled on the CloudFront distribution, without the need for additional round-trips (RTT) to negotiate HTTP protocols after the DNS lookup. This can reduce application load times, especially in regions with limited network infrastructure. By providing secure connection information upfront, HTTPS DNS records streamline the process of establishing secure connections to CloudFront distributions. Additionally, customers using Route 53 can benefit from free HTTPS record queries when using CloudFront alias records, reducing DNS costs. HTTPS DNS records are supported from all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. To learn more about implementing this feature and its benefits, read our detailed https://aws.amazon.com/blogs/networking-and-content-delivery/boost-application-performance-amazon-cloudfront-enables-https-record/.  

Amazon CloudFront announces support for HTTPS DNS records

Today, Amazon CloudFront announces support for HTTPS resource records in Amazon Route 53.HTTPS resource records allow domain name systems (DNS) such as Amazon Route 53 to provide additional information such as su...

#AWS #AmazonCloudfront

1 0 0 0
AWS News Feed on 🦋
AWS News Feed on 🦋
@awsrecentnews.bsky.social
8 months ago
Preview
Amazon CloudFront announces support for HTTPS DNS records Today, Amazon CloudFront announces support for HTTPS resource records in Amazon Route 53.HTTPS resource records allow domain name systems (DNS) such as Amazon Route 53 to provide additional information such as supported HTTP protocol versions and port numbers before the HTTP connection is attempted. This helps clients establish the initial connection using their preferred HTTP protocol to improve application performance and security. By using the HTTPS DNS records during DNS lookup, clients can discover the CloudFront capabilities that boost application performance and security. For example, clients can identify if HTTP/3 is enabled on the CloudFront distribution, without the need for additional round-trips (RTT) to negotiate HTTP protocols after the DNS lookup. This can reduce application load times, especially in regions with limited network infrastructure. By providing secure connection information upfront, HTTPS DNS records streamline the process of establishing secure connections to CloudFront distributions. Additionally, customers using Route 53 can benefit from free HTTPS record queries when using CloudFront alias records, reducing DNS costs. HTTPS DNS records are supported from all edge locations. This excludes Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. To learn more about implementing this feature and its benefits, read our detailed blog post.

🆕 Amazon CloudFront now supports HTTPS DNS records in Route 53, enhancing connection security and performance by providing protocol info upfront, reducing RTTs, and offering free queries for CloudFront alias records. Not available in AWS China regions.

#AWS #AmazonCloudfront

2 0 0 0
気になるITニュース
気になるITニュース
@news-it.bsky.social
9 months ago
Preview
ITちゃんねる AWS、新しい「Amazon CloudFront」を提供開始、Webアプリの本番環境移行が容易に #AmazonCloudFront #ITニュース

AWS、新しい「Amazon CloudFront」を提供開始、Webアプリの本番環境移行が容易に
#AmazonCloudFront #ITニュース

0 0 0 0