Amazon CloudFront announces cross-account support for Virtual Private Cloud (VPC) origins, enabling customers to access VPC origins that reside in different AWS accounts from their CloudFront distributions. With VPC origins, customers can have their Application Load Balancers (ALB), Network Load Balancers (NLB), and EC2 Instances in a private subnet that is accessible only through their CloudFront distributions. With the support for cross-account VPC origins in CloudFront, customers can now leverage the security benefits of VPC origins while maintaining their existing multi-account architecture.
Customers set up multiple AWS accounts for better security isolation, cost management, and compliance. Previously, customers could access origins in private VPCs from CloudFront only if CloudFront and the origin were in the same AWS account. This meant customers who had their origins in multiple AWS accounts, had to keep their accounts in public subnets to get the scale and performance benefits of CloudFront. Customers then had to maintain additional security controls, such as access control lists (ACL), at both the edge and within regions, rather than benefiting from the inherent security of VPC origins. Now, customers can use AWS Resource Access Manager (RAM) to allow CloudFront access to origins in private VPCs in different AWS accounts, both within and outside their AWS Organizations and organizational units (OUs). This streamlines security management and reduces operational complexity, making it easy to use CloudFront as the single front door for applications.
VPC origins is available in AWS Commercial Regions only, and the full list of supported AWS Regions is available here. There is no additional cost for using cross-account VPC origins with CloudFront. To learn more about implementing cross-account VPC origins and best practices for multi-account architectures, visit CloudFront VPC origins.
Categories: general:products/amazon-cloudfront,marketing:marchitecture/networking-and-content-delivery
Source: Amazon Web Services
Latest Posts
- (Updated) Microsoft Viva Insights: New prompt categories in the Microsoft Copilot Dashboard [MC1092459]
- (Updated) Microsoft Viva Copilot Analytics launches new agent dashboard [MC1166852]
- AWS Backup now supports AWS KMS customer managed keys with logically air-gapped vaults
- AWS announces a new Regional planning tool in Builder Center
