
Does CloudFront distribution need a replica in multi-region?


I am working on a multi-region solution for my current architecture. We use CloudFormation for defining the infrastructure. A piece of that architecture is a CloudFront distribution which takes the user to an S3 bucket. I know I will have to create a failover for S3, in case one of the regions goes down, but what about the CF distribution? I know CF is a global service, so it doesn't need a replica?

Here's the CF distribution we have:

IVRSpeechContentCFDistro:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Aliases:
          - !FindInMap [ EnvMappings, !Ref StageName, domain ]
        HttpVersion: http2
        ViewerCertificate:
          AcmCertificateArn: !FindInMap [ EnvMappings, !Ref StageName, ssl ]
          MinimumProtocolVersion: TLSv1.2_2021
          SslSupportMethod: sni-only
        Enabled: True
        DefaultCacheBehavior:
          CachePolicyId: xxxxxx
          AllowedMethods:
            - GET
            - HEAD
            - OPTIONS
          TargetOriginId: !Sub "xxxxxx"
          ViewerProtocolPolicy: https-only
        Origins:
          - Id: !Sub "xxxxxxx"
            DomainName: !GetAtt bucket.RegionalDomainName
            S3OriginConfig:
              OriginAccessIdentity: !Sub
                - "origin-access-identity/cloudfront/${ID}"
                - { ID: !Ref identity } 

Solution

  • CloudFront is a global service, so you can't make any "replica" of it in another region, just like you can't make a "replica" of IAM or Route53. But you can set up CloudFront origin failover. This makes it so that:

    CloudFront automatically switches to the second origin when the primary origin returns specific HTTP status code failure responses.
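
The origin failover described in the answer, applied to the distribution from the question (an added example, not code from the original post or from AWS). The origin and group ids and the `ReplicaBucketRegionalDomainName` parameter are assumptions; `bucket`, `identity` and the `xxxxxx` placeholder are taken from the question.

```yaml
# Fragment of DistributionConfig (added example, not the asker's template).
# ReplicaBucketRegionalDomainName is a hypothetical stack parameter: the
# second bucket lives in another region, so this stack cannot !GetAtt it.
DistributionConfig:
  Origins:
    - Id: s3-primary                  # hypothetical origin id
      DomainName: !GetAtt bucket.RegionalDomainName
      S3OriginConfig:
        OriginAccessIdentity: !Sub
          - "origin-access-identity/cloudfront/${ID}"
          - { ID: !Ref identity }
    - Id: s3-secondary                # hypothetical origin id
      DomainName: !Ref ReplicaBucketRegionalDomainName
      S3OriginConfig:
        # Same OAI: the replica bucket policy must also grant it s3:GetObject,
        # or every failover request is answered with 403.
        OriginAccessIdentity: !Sub
          - "origin-access-identity/cloudfront/${ID}"
          - { ID: !Ref identity }
  OriginGroups:
    Quantity: 1
    Items:
      - Id: s3-failover-group         # hypothetical group id
        FailoverCriteria:
          StatusCodes:
            Quantity: 4
            Items: [500, 502, 503, 504]
        Members:
          Quantity: 2
          Items:
            - OriginId: s3-primary    # tried first
            - OriginId: s3-secondary  # used when the primary fails
  DefaultCacheBehavior:
    CachePolicyId: xxxxxx
    AllowedMethods: [GET, HEAD, OPTIONS]
    TargetOriginId: s3-failover-group # point at the group, not one origin
    ViewerProtocolPolicy: https-only
```

CloudFront fails over only for GET, HEAD and OPTIONS requests, which matches the allowed methods in the question. The secondary bucket should keep the same restrictions as the primary (no public access, read allowed only through the origin access identity) so the failover path does not become a weaker way into the content.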