AWS Support announces two new AWS Trusted Advisor checks that offer best practices for using CloudFront, focusing on security enhancement and performance improvement:

• CloudFront Header Forwarding and Cache Hit Ratio (Performance category): Checks for HTTP request headers that CloudFront forwards to the origin that might significantly reduce the cache hit ratio and increase the load on the origin.
• CloudFront Custom SSL Certificates in the IAM Certificate Store (Security category): Checks for SSL certificates for CloudFront alternate domain names in the IAM certificate store that are expired, will soon expire, use outdated encryption, or are not configured correctly for the distribution.

For more information on Trusted Advisor and descriptions of all 43 checks, visit AWS Trusted Advisor.

Source: Amazon Web Services News