Medium

Ensure CloudFront web distributions are configured to compress objects (files) automatically

AWS Cost Optimization
GDPR
NIST4
Description

Ensure that your Amazon Cloudfront Content Delivery Network (CDN) distributions are optimized for cost and speed by enabling automatic compression of web content. When compression is enabled, web files are smaller and therefore faster to download, resulting in faster rendering of web pages for users. Additionally, sending compressed files to viewers is less expensive than sending uncompressed files, as the cost of Cloudfront data transfer is based on the total amount of data served. AWS Cloudfront automatically compresses files of certain types for both Amazon S3 origins and custom origins. Be sure to configure your distributions to automatically compress content for web requests that include "Accept-Encoding: gzip" in the request header to maximize performance and reduce bandwidth costs.

Remediation

To ensure that your Amazon CloudFront web distributions are configured to compress objects automatically and improve web application performance, follow these remediation steps:

  1. Sign in to the AWS Management Console and navigate to the CloudFront console.
  2. Select the CloudFront distribution that you want to configure for automatic compression.
  3. Click on the "Behaviors" tab.
  4. Select the behavior that you want to enable automatic compression for, and click "Edit".
  5. Under "Compression", select "Yes" for "Compress Objects Automatically".
  6. Click "Yes, Edit" to save your changes.
  7. Verify that the compression is enabled by checking the "Content-Encoding" header in the response headers of the compressed object.

By enabling automatic compression for your CloudFront web distributions, you can reduce the amount of data transferred between CloudFront and your viewers, which can lead to faster page load times and lower bandwidth costs. AWS CloudFront compresses certain types of files for both Amazon S3 origins and custom origins.

Enforced Resources
CloudFront
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.