         | Did this page help you? Yes No Tell us about it... |
Format of Links to Objects
The links you create to your objects can be one of the two types listed in the following table.
| Link Type | Type of Content |
|---|---|
|
Basic |
Used with either a public content distribution, or a private content distribution that doesn't require signed links |
|
Signed |
Used only with a private content distribution that requires signed links |
A private content distribution is one that serves content that is not publicly readable. You can configure a private content distribution to use either basic URLs or signed URLs, but not both. For more information, see Using a Signed URL to Serve Private Content.
When you create a distribution, you receive the CloudFront domain name associated with that distribution. You use that domain name when creating the links to your objects. If you have another domain name you'd rather use, you can use a CNAME alias. For more information, see Using CNAMEs.
Basic Links
A basic link uses this format: http://<domain name>/<object name in
Amazon S3 Origin>.
![[Important]](http://docs.amazonwebservices.com/docs-common/images/important.png) | Important |
|---|---|
If the distribution serves streaming content, additional characters are required in the path to the file. For more information, see Configuring the Media Player. |
For example, let's say you have an Amazon S3 origin with an Amazon S3 bucket called mybucket, and inside the bucket
is a publicly readable object named images/image.jpg.
You create a distribution and indicate mybucket.s3.amazonaws.com will be your
origin server for this distribution.
CloudFront returns d604721fxaaqy9.cloudfront.net as the domain name for your
distribution and EDFDVBD632BHDS5 as the ID for your distribution.
The URL you present to end users to access your object in this example is
http://d604721fxaaqy9.cloudfront.net/images/image.jpg.
Anytime an end user clicks that URL, CloudFront serves that object from the
appropriate edge location. If the object isn't in that edge location, CloudFront goes
to the origin server associated with the EDFDVBD632BHDS5 distribution
(mybucket.s3.amazonaws.com) and gets a copy of that object for the edge
location to serve to the end user.
Signed Links
Signed links are only applicable to private content distributions, and they work only if the distribution is configured to use signed URLs. The URLs include extra information that restricts access to the cached object. For information about the format of signed URLs, see Using a Signed URL to Serve Private Content.
HTTP Secure (HTTPS) Connections
HTTP Secure (HTTPS) links appear identical to standard HTTP links, but have the protocol statement https:// instead of http://. When you use HTTPS links with public key certificates, they validate your site identity and ensure that the data passed to and from your site is encrypted.
By default, CloudFront supports both HTTP and HTTPS connections to distributions. To learn about restricting your distribution so that it is accessible only through HTTPS connections, see Creating Secure HTTPS Connections.
Query String Parameters
If a URL includes any query string parameters, CloudFront ignores them when it identifies the object to serve. For example, all of the following URLs return the same object:
http://d604721fxaaqy9.cloudfront.net/images/image.jpghttp://d604721fxaaqy9.cloudfront.net/images/image.jpg?parameter1=ahttp://d604721fxaaqy9.cloudfront.net/images/image.jpg?parameter1=a¶meter2=b
CloudFront removes query string parameters when it requests the object from the origin server, and then CloudFront logs the request with its query strings. All query strings received are logged, including the query parameters you attach to form a signed URL. For information about logging query string parameters, see Download Distribution File Format
