Vendor services misconfigurations

CloudFront distributions origin failover is not configured

Platform(s)
Compliance Frameworks
  • AWS Foundational Security Best Practices Controls
  • ,
  • CCM-CSA
  • ,
  • CCPA
  • ,
  • CPRA
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • PDPA
  • ,
  • UK Cyber Essentials

Description

We have found that the Cloudfront distribution {AwsCloudFront} origin failover is not configured. Amazon CloudFront is a high-performance content delivery network (CDN) service that securely delivers data, videos, apps, and APIs to customers around the world with low latency and high transfer speeds. Amazon CloudFront distribution can have origin group with multiple origins configured, when an origin group with two or more origin is configured then distribution have an origin failover, CloudFront origin failover can increase availability.