0

I am trying to learn CloudFront, but it seems my distribution is not caching data correctly.

I have an S3 bucket in Tokyo (I am in North America). I am trying to access the following file with the following permissions. The file and the bucket are public.

S3 Bucket and File

The object can be viewed here, and is just a simple jpeg file.

I then went and created a CloudFront CDN. I selected the tokyo bucket as the origin, but kept all other values the default. I am using all edge locations for caching.

enter image description here

However, no matter how many times I access the S3 object in chrome (it is a jpeg file), the download speeds never seem to go below 5-7 seconds.

enter image description here

Also, the CloudFront does not have any cache statistics, which leads me to believe it is not even caching anything at all.

enter image description here

What have I done wrong? I can provide more information if necessary.

EDIT:

I guess the issue was that I was using S3's URL, when I should have been using CloudFront's URL. But that doesn't explain the "Restrict Bucket Access" setting, which seems to imply that one should be able to access content via the S3 URL and STILL have CloudFront cache it on the edge location. Or maybe I am not understanding this setting correctly?

enter image description here

Community
  • 1
Timothy Pulliam
  • 259
  • 1
  • 8
  • Can you give us the URL of the object so we can take a look at it? – ceejayoz Jul 11 '18 at 13:18
  • @ceejayoz, of course. https://s3-ap-northeast-1.amazonaws.com/linuxandchill-tokyo/bw-pier.jpg – Timothy Pulliam Jul 11 '18 at 13:21
  • `curl -I https://d2vxly4ihmtmxy.cloudfront.net/bw-pier.jpg` gives me `x-cache: Hit from cloudfront` on subsequent requests and it loads extremely quickly. – ceejayoz Jul 11 '18 at 13:28
  • Using that URL it works quickly for me as well. I am wondering why I cannot use the URL of the S3 bucket though? – Timothy Pulliam Jul 11 '18 at 13:36
  • 2
    Wait, you're using the S3 URL? To test *Cloudfront's* caching? Cloudfront doesn't do anything if you **skip it**... – ceejayoz Jul 11 '18 at 13:52
  • @ceejayoz See my edit – Timothy Pulliam Jul 11 '18 at 14:00
  • "Restrict bucket access" just locks people out of the S3 URLs (they'll get an "AccessDenied" response). If you want to use Cloudfront, you have to use Cloudfront URLs. Always. – ceejayoz Jul 11 '18 at 14:02
  • @ceejayoz Thanks, that was exactly what I was looking for. – Timothy Pulliam Jul 11 '18 at 14:05
  • 2
    Minor clarificarion on the comment by @ceejayoz, "Restrict bucket access" is not a well-named option -- it implies more than it actually does. It should have been called something more like "Configure CloudFront to Use Credentials to Access the Bucket" or "Assume Restricted Bucket Access." This option and public content in the bucket (directly accessible via the S3 URL) are not mutually-exclusive, and selecting it does not make public objects private. – Michael - sqlbot Jul 11 '18 at 17:44

0 Answers0