Step 6: Use CloudFront (Optional)

JFrog Installation & Setup Documentation

Content Type
Installation & Setup

To further optimize direct cloud storage downloads, Artifactory lets you specify CloudFront settings which will determine in which locations your artifacts will physically reside which means downloads from your S3 bucket will be via a rapid CDN.

To use CloudFront with direct cloud storage downloads, follow the steps below:

  1. Create a CloudFront distribution as described in Getting Started with CloudFront in the AWS documentation.

  2. Generate a key pair as described in Creating CloudFront Key Pairs for Your Trusted Signers in the AWS documentation.

  3. In the AWS console, under CloudFront | Behaviors, set a pattern on the distribution with Forward Query Strings = yes. This allows files to be downloaded using the actual filename as opposed to their SHA1 value.

  4. Match up your distribution with your S3 bucket.


    Make sure that the distribution points to the same S3 bucket configured in your S3 Binary Provider in your $JFROG_HOME/artifactory/var/etc/artifactory/binarystore.xml file.

  5. In your binarystore.xml file, for s3-storage-v3 set enableSignedUrlRedirect to true.

  6. Set the following CloudFront parameters in the Amazon S3 Official SDK Template of your binarystore.xml file:Amazon S3 Official SDK Template




    The unique domain provided by AWS


    The unique identifier of the key pair you created in step 2 above


    The private key you created in step 2 above, in the following format:



    -----END RSA PRIVATE KEY-----

    The following snippet shows an example of how these parameters may look in your binarystore.xml file:

     <cloudFrontPrivateKey>-----BEGIN RSA PRIVATE KEY-----
     -----END RSA PRIVATE KEY-----