For web distributions, CloudFront provides several options for securing content that it delivers, including configuring HTTPS connections, using AWS WAF to control access to your content, or setting up field-level encryption for specific content fields.
In addition, you can prevent users in specific geographic locations from accessing content distributed through a web distribution.
You also have the option of limiting access to private content by requiring that users access that content by using CloudFront signed URLs or signed cookies.
|• Using HTTPS with CloudFront
|• Using Alternate Domain Names and HTTPS
|• Serving Private Content with Signed URLs and Signed Cookies
|• Restricting Access to Amazon S3 Content by Using an Origin Access Identity
|• Using AWS WAF to Control Access to Your Content
|• Restricting the Geographic Distribution of Your Content
|• Using Field-Level Encryption to Help Protect Sensitive Data