I want to know what protocols I can use with my Amazon CloudFront distribution.
Resolution
CloudFront supports HTTP, HTTPS, and WebSocket as distribution protocols.
HTTP versions for CloudFront and viewer connections
CloudFront supports HTTP versions 1.0, 1.1, 2, and 3. HTTP versions 1.0 and 1.1 are turned on for all distributions by default. You can turn HTTP version 2 and 3 on or off. To turn on support for HTTP versions 2 and 3, open the General tab of your distribution configuration.
To use HTTP/2, the viewer must support TLS version 1.2 or later and Server Name Identification (SNI). CloudFront doesn't offer native support for gRPC over HTTP/2. To use HTTP/3, the viewer must support TLSv1.3 and SNI.
HTTP versions for CloudFront and custom origins
CloudFront uses HTTP/1.1 to forward requests to a custom origin. You can't use HTTP/2 between CloudFront and custom origins. For more information, see Request and response behavior for custom origins.
Supported WebSocket connections
CloudFront supports WebSocket connections globally with no required additional configuration. To establish a WebSocket connection, the client uses HTTP upgrade semantics to send an HTTP request to change the protocol.
The WebSocket protocol uses port 80 for regular WebSocket connections and port 443 for WebSocket connections over TLS/SSL by default. The options that you select for your CloudFront viewer protocol policy and protocol (custom origins only) apply to WebSocket connections and HTTP traffic. For more information, see Use WebSockets with CloudFront distributions.
Related information
Distribution settings reference
Supported protocols and ciphers between viewers and CloudFront