Vendor services misconfigurations

CloudFront distributions origin failover is not configured

Risk Level

Informational (4)

Platform(s)

Description

We have found that the Cloudfront distribution {AwsCloudFront} origin failover is not configured. Amazon CloudFront is a high-performance content delivery network (CDN) service that securely delivers data, videos, apps, and APIs to customers around the world with low latency and high transfer speeds. Amazon CloudFront distribution can have origin group with multiple origins configured, when an origin group with two or more origin is configured then distribution have an origin failover, CloudFront origin failover can increase availability.
  • Recommended Mitigation

    It is recommended to consider to configure origin group with two or more origin for CloudFront distribution {AwsCloudFront}. This configuration will creat origin failover in the CloudFront distribution that can increase availability. Origin failover automatically redirects traffic to a secondary origin in a case that the primary origin is not available or if it returns specific HTTP response status codes. For more information: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html