What protocols does CloudFront support?
Last updated: 2022-05-10
What protocols can I use with my Amazon CloudFront distribution?
CloudFront supports HTTP, HTTPS, and Websockets as distribution protocols.
HTTP versions for CloudFront and viewer connections
CloudFront supports HTTP versions 1.0, 1.1 and 2 for connections to a viewer. By default, HTTP versions 1.0, 1.1 and 2 are turned on.
To update HTTP settings, access the General tab of your distribution configuration. HTTP version 2 can be turned on or off. To use HTTP version 2, the viewer must support TLS 1.2 or later and Server Name Identification (SNI).
HTTP versions for CloudFront and custom origins
HTTP version 2 is not supported between CloudFront and custom origins. CloudFront forwards requests to a custom origin using HTTP version 1.1. For more information, see Request and response behavior for custom origins.
Supported WebSockets connections
CloudFront supports WebSocket connections globally with no required additional configuration. To establish a Websocket connection, the client sends an HTTP request using HTTP's upgrade semantics to change the protocol.
By default, the WebSocket protocol uses port 80 for regular WebSocket connections and port 443 for WebSocket connections over TLS/SSL. The options that you choose for your CloudFront Viewer protocol policy and Protocol (custom origins only) apply to WebSocket connections and HTTP traffic. For more information, see Using WebSockets with CloudFront distributions.