How does CloudFront caching behavior change when you forward all headers vs. only specific headers?

What are signed URLs used for in CloudFront, and how do they enhance security?

How does CloudFront handle Geo-Restriction?

How does CloudFront support origin failover?

What are the differences between “Restrict Viewer Access” and “Restrict Bucket Access” in CloudFront?