How to Set Cache Policy in AWS CloudFront
To set a cache policy in
CloudFront, create or select a CachePolicy and attach it to your distribution's cache behavior. This policy controls how CloudFront caches content based on headers, cookies, query strings, and TTL settings.Syntax
When configuring a CloudFront distribution, you specify a CachePolicyId in the cache behavior settings. The cache policy defines caching rules like TTL (time to live), headers, cookies, and query strings to include in the cache key.
Key parts:
- CachePolicyId: The ID of the cache policy to use.
- TTL settings: Minimum, maximum, and default time CloudFront caches objects.
- Headers, Cookies, Query Strings: Specify which request parts affect caching.
json
{
"CacheBehavior": {
"PathPattern": "string",
"TargetOriginId": "string",
"CachePolicyId": "string",
"ViewerProtocolPolicy": "string"
// other settings
}
}Example
This example shows how to create a CloudFront distribution with a custom cache policy that caches based on all query strings and sets TTL values.
json
{
"DistributionConfig": {
"CallerReference": "unique-string",
"Origins": {
"Items": [
{
"Id": "myOrigin",
"DomainName": "example.com"
}
],
"Quantity": 1
},
"DefaultCacheBehavior": {
"TargetOriginId": "myOrigin",
"ViewerProtocolPolicy": "redirect-to-https",
"CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6"
},
"Enabled": true
}
}Output
CloudFront distribution created with custom cache policy ID 658327ea-f89d-4fab-a63d-7e88639e58f6
Common Pitfalls
Common mistakes when setting cache policies include:
- Using the default cache policy without customizing TTLs, leading to stale or overly fresh content.
- Not including necessary headers, cookies, or query strings in the cache key, causing incorrect content to be served.
- Confusing
CachePolicyIdwithOriginRequestPolicyId, which controls what CloudFront sends to the origin.
Always verify your cache policy matches your content and user needs.
json
{
"DefaultCacheBehavior": {
"TargetOriginId": "myOrigin",
"ViewerProtocolPolicy": "allow-all"
// Missing CachePolicyId leads to default caching
}
}
{
"DefaultCacheBehavior": {
"TargetOriginId": "myOrigin",
"ViewerProtocolPolicy": "redirect-to-https",
"CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6"
}
}Quick Reference
| Setting | Description |
|---|---|
| CachePolicyId | ID of the cache policy to apply |
| TTL (Min, Default, Max) | Time CloudFront caches objects before checking origin |
| Headers | Request headers included in cache key |
| Cookies | Cookies included in cache key |
| Query Strings | Query strings included in cache key |
| ViewerProtocolPolicy | HTTP or HTTPS behavior for viewers |
Key Takeaways
Attach a CachePolicyId to your CloudFront cache behavior to control caching.
Customize TTL and cache key settings to match your content delivery needs.
Include necessary headers, cookies, and query strings in the cache key to avoid serving wrong content.
Do not confuse CachePolicyId with OriginRequestPolicyId; they serve different purposes.
Use AWS Console or Infrastructure as Code tools like CloudFormation or Terraform for managing cache policies.