Amazon CloudFront

Least Privileged User

Navigate to the AWS console and create an IAM user with programmatic access. The user will need the following permissions. You can create a policy specifically for these permissions and apply the permissions to the user.

For more information, see: High Level AWS Source Configuration

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "VisualEditor0",
      "Effect": "Allow",
      "Action": [
        "cloudfront:ListDistributions",
        "cloudfront:ListStreamingDistributions",
        "cloudwatch:GetMetricStatistics",
        "cloudwatch:ListMetrics"
      ],
      "Resource": "*"
    }
  ]
}

Connection Parameters

NameRequired?Description
Region
Access Key IDRequired
Secret Access KeyRequired
Additional ThreadsThe number of additional threads allowed to be utilized during collection.
Request Timeout (seconds)The number of seconds to allow for the API to return a response.
Collect CloudWatch Metrics
CloudWatch Historic ModeIf enabled, retrieves a history of data points from CloudWatch. Otherwise, collects only the most recent data point for each metric.

Metrics

Distribution

NameDescription
4xx Error Rate (%)The percentage of all requests for which the HTTP status code is 4xx
5xx Error Rate (%)The percentage of all requests for which the HTTP status code is 5xx
AliasesThe comma seperated list of CNAMEs (alternate domain names) for the distribution.
ARNThe Amazon Resource Name for the distribution.
CommentThe comment originally specified when the distribution was created.
Data Downloaded (Bytes)The number of bytes downloaded by viewers for GET, HEAD, and OPTIONS requests.
Data Uploaded (Bytes)The number of bytes uploaded to your origin with CloudFront using POST and PUT requests.
Delivery MethodDistributions with Web delivery methods are normal. Those with RTMP delivery methods are streaming.
Distribution IdThe Distribution Identifier.
Domain NameThe domain name that corresponds to the distribution.
EnabledWhether the distribution is enabled to accept user requests for content.
Geo RestrictionThe list of locations CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist).
Geo Restriction TypeThe type of Geo-location Restriction list (white or black).
HTTP VersionSpecify the maximum HTTP version that you want viewers to use to communicate with CloudFront.
IPv6 EnabledWhether CloudFront responds to IPv6 DNS requests with an IPv6 address for the distribution.
Price ClassThe class of pricing that is applied to the distribution.
RegionThe AWS Region this object belongs to.
RequestsThe number of requests for all HTTP methods and for both HTTP and HTTPS requests.
StatusThe current status of the distribution.
Total Error Rate (%)The percentage of all requests for which the HTTP status code is 4xx or 5xx.
Viewer CertificateSpecifies which certificate to use when viewers use HTTPS to request objects.
Web ACL IDThe Web ACL Id associated with the distribution.