# CloudFront Overview

* CloudFront is a web service that **speeds up distribution of your static web content**, such as .html, .css, .js, and image files, to your users.<br>
* CloudFront **delivers your content through a worldwide network of data centres called edge locations**.<br>
* When a user requests content that you're serving with CloudFront, **the user is routed to the edge location that provides the lowest latency (time delay)**, so that **content is delivered with the best possible performance**.<br>
* **CloudFront = Static** Content.<br>
* **Cross Region Replication = Dynamic** Content.

## Origin

* An origin is the **location where content is stored**, and **from which CloudFront gets content to serve to viewers**.<br>
* The following are **examples of origins:**
  * A **S3 bucket**.
  * A **S3 bucket that is configured with static website hosting**.
  * An **Elastic Load Balancing load balancer**.
  * **Any other HTTP server**, running on an Amazon EC2 instance or any other kind of host.

## Origin Access Identity (OAI)

* To restrict access to content that you serve from Amazon S3 buckets, **follow these steps:**

  1. Create a special CloudFront user called an origin access identity (OAI) and **associate it with your distribution**.<br>
  2. **Configure your S3 bucket permissions so that CloudFront can use the OAI to access the files** in your bucket and serve them to your users. Make sure that **users can’t use a direct URL to the S3 bucket to access a file there**.

* After you take these steps, **users can only access your files through CloudFront, not directly from the S3 bucket**.

## Geo restriction

* You can use geo restriction, also known as geo blocking, to **prevent users in specific geographic locations from accessing content that you're distributing through a CloudFront web distribution**.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://karansingh.gitbook.io/aws-saa-c02/cloudfront-and-global-accelerator/untitled.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.