Skip to main content

CloudFront distributions should have origin failover configured

Severity: Low

Resource Types: AWS::CloudFront::Distribution

Description

This control checks whether an Amazon CloudFront distribution is configured with an origin group that has two or more origins.

CloudFront origin failover can increase availability. Origin failover automatically redirects traffic to a secondary origin if the primary origin is unavailable or if it returns specific HTTP response status codes.

Remediation

For detailed remediation instructions, see Creating an origin group.