What protocols does CloudFront support?

2 minute read
1

I want to know what protocols I can use with my Amazon CloudFront distribution.

Resolution

CloudFront supports HTTP, HTTPS, and WebSocket as distribution protocols.

HTTP versions for CloudFront and viewer connections

CloudFront supports HTTP versions 1.0, 1.1, 2, and 3. HTTP versions 1.0 and 1.1 are turned on for all distributions by default. You can turn HTTP version 2 and 3 on or off. To turn on support for HTTP versions 2 and 3, open the General tab of your distribution configuration.

To use HTTP/2, the viewer must support TLS version 1.2 or later and Server Name Identification (SNI). CloudFront doesn't offer native support for gRPC over HTTP/2. To use HTTP/3, the viewer must support TLSv1.3 and SNI.

HTTP versions for CloudFront and custom origins

CloudFront uses HTTP/1.1 to forward requests to a custom origin. You can't use HTTP/2 between CloudFront and custom origins. For more information, see Request and response behavior for custom origins.

Supported WebSocket connections

CloudFront supports WebSocket connections globally with no required additional configuration. To establish a WebSocket connection, the client uses HTTP upgrade semantics to send an HTTP request to change the protocol.

The WebSocket protocol uses port 80 for regular WebSocket connections and port 443 for WebSocket connections over TLS/SSL by default. The options that you select for your CloudFront viewer protocol policy and protocol (custom origins only) apply to WebSocket connections and HTTP traffic. For more information, see Use WebSockets with CloudFront distributions.

Related information

Distribution settings reference

Supported protocols and ciphers between viewers and CloudFront

AWS OFFICIAL
AWS OFFICIALUpdated a month ago