CloudFront

CloudFront is used to serve images for emails.

Attention

If images are changed in git, the cache isn’t invalidated! Read Invalidate files to remove content for options.

Attention

Do not delete images from git. Old emails continue to reference old images.

Tip

Use CloudFront’s Reports & analytics to check Popular objects and other statistics.

Configuration

General

  • Price class: Use only North America and Europe (nearby region and lowest price)

  • Alternate domain name (CNAME): cdn.credere.open-contracting.org

  • Custom SSL certificate: Click Request certificate

  • Supported HTTP versions: HTTP/2

  • Standard logging: Off (requires S3)

  • IPv6: On

Security

Disabled

Origins

  • Origin domain: credere.open-contracting.org

  • Protocol: HTTPS only

  • Minumum Origin SSL protocol: TLSv1.2

  • Enable Origin Shield: No

Behaviors › Default (*)

  • Compress objects automatically: No

  • Viewer protocol policy: HTTPS only

  • Allowed HTTP methods: GET, HEAD

  • Restrict viewer access: No

Cache policy and origin request policy

Then, create behaviors for the /*.jpg and /*.png paths with the same configuration, except with a Cache policy of CachingOptimizedForUncompressedObjects (binary files are already compressed).

Note

credere-frontend’s public directory also contains .avif, .jpeg, .svg and font files, but these are not referenced by email templates. Emails use the CDN, because they produce more traffic spikes.