1. Open the AWS Management Console and navigate to the CloudFront service.
2. Select the distribution that needs to be remediated.
3. Click on the “Behaviors” tab.
4. Click on the “Create Behavior” button.
5. In the “Create Behavior” dialog box, set the following values:

• Path Pattern: *
• Viewer Protocol Policy: Redirect HTTP to HTTPS
• Allowed HTTP Methods: GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
• Compress Objects Automatically: Yes
• Cache Based on Selected Request Headers: None

6. Click on the “Create” button to create the new behavior.
7. Wait for the distribution to update and propagate the changes.

​

1. Open the AWS CLI on your local machine.
2. Run the following command to get the ID of the distribution for which you want to enable automatic compression:
   Copy

   Ask AI

   aws cloudfront list-distributions --query "DistributionList.Items[].{Id:Id,DomainName:DomainName}"
   

   This will return a list of all your CloudFront distributions along with their IDs and domain names.
3. Once you have the distribution ID, run the following command to update the distribution configuration to enable automatic compression:
   Copy

   Ask AI

   aws cloudfront update-distribution --id <distribution-id> --distribution-config '{"Enabled":true,"Compress":true,"DefaultCacheBehavior":{"Compress":true}}'
   

   Replace <distribution-id> with the ID of the distribution you want to update.
4. After running the above command, the distribution configuration will be updated to enable automatic compression for web content.
5. Verify the changes by running the following command:
   Copy

   Ask AI

   aws cloudfront get-distribution --id <distribution-id> --query "Distribution.DistributionConfig.DefaultCacheBehavior"
   

   This will return the configuration of the default cache behavior for the distribution, which should now have the “Compress” property set to true.

1. Import the required AWS SDK modules using the following code:

import boto3
from botocore.exceptions import ClientError

2. Create a boto3 client for CloudFront using the following code:

client = boto3.client('cloudfront')

3. Get a list of all CloudFront distributions using the following code:

try:
    response = client.list_distributions()
    distributions = response['DistributionList']['Items']
except ClientError as e:
    print(e)

4. Iterate through each distribution and check if it has a default cache behavior with a gzip compression enabled using the following code:

for distribution in distributions:
    try:
        response = client.get_distribution_config(Id=distribution['Id'])
        config = response['DistributionConfig']
        if config['DefaultCacheBehavior']['Compress']:
            print(f"Gzip compression is already enabled for {distribution['Id']}")
        else:
            config['DefaultCacheBehavior']['Compress'] = True
            response = client.update_distribution(
                DistributionConfig=config,
                Id=distribution['Id'],
                IfMatch=response['ETag']
            )
            print(f"Gzip compression enabled for {distribution['Id']}")
    except ClientError as e:
        print(e)

5. Save the Python script and run it to remediate the misconfiguration.