Amazon_Cloudfront_1

Ensure Geo-Restriction is enabled within Cloudfront Distribution

Description

Amazon CloudFront is a web service that speeds up distribution of your static and dynamic web content, such as .html, .css, .js, and image files, to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you’re serving with CloudFront, the user is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance.

  • If the content is already in the edge location with the lowest latency, CloudFront delivers it immediately.
  • If the content is not in that edge location, CloudFront retrieves it from an origin that you’ve defined—such as an Amazon S3 bucket, an AWS Elemental MediaPackage channel, or an HTTP server (for example, a web server) that you have identified as the source for the definitive version of your content.

Using CloudFront Geo Restriction

You can use geo restriction, also known as geoblocking, to prevent users in specific geographic locations from accessing content that you're distributing through a CloudFront web distribution. CloudFront determines a viewer's country from the source IP address of the request. By default it serves the requested content regardless of where the viewer is located; with geo restriction enabled on the distribution, requests from restricted countries receive an HTTP 403 (Forbidden) response instead of the content. The feature is configured per distribution and works in one of two modes:

  • Allow viewers to access your content only if they're in one of the countries on a whitelist of approved countries.
  • Prevent viewers from accessing your content if they're in one of the countries on a blacklist of banned countries.

Remediation

Perform the following to ensure Geo-Restriction is enabled within the CloudFront distribution:

To whitelist or blacklist a country using CloudFront geo restriction:

  1. Go to the Amazon CloudFront console at https://console.aws.amazon.com/cloudfront/home
  2. From the CloudFront console, choose the distribution that you want to apply a country restriction to.
  3. Choose the Restrictions tab, and then choose Edit. For Enable Geo-Restriction, choose Yes.
  4. For Restriction Type, choose Whitelist or Blacklist, select your countries, choose Add, and then choose Yes, Edit.

Repeat for every distribution in the account; a distribution whose restriction type is "None" does not satisfy this check.

Note:

  • Because CloudFront uses a third-party GeoIP database to map viewer IP addresses to countries, accuracy varies, and viewers behind a VPN or proxy are attributed to the exit point's country. Treat geo restriction as a policy control, not as a substitute for authentication or authorization.
  • Geo restriction is enforced only at the CloudFront edge. If the origin is reachable directly, a viewer can bypass the restriction by requesting the origin's hostname or IP instead of the distribution. For EC2 or load balancer origins, make sure the security groups restrict HTTP/HTTPS access to the CloudFront origin-facing IP ranges (the com.amazonaws.global.cloudfront.origin-facing managed prefix list); for S3 origins, block public access to the bucket and grant access only to the distribution.
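The console steps above are manual and per distribution. The following is an added example, not part of this check page or of any AWS tooling, that evaluates the same condition programmatically and builds the corrected configuration. It operates on the DistributionConfig document returned by `aws cloudfront get-distribution-config` (or boto3 `get_distribution_config()["DistributionConfig"]`); the sample documents and distribution IDs embedded below are constructed and hypothetical so the example runs offline.

```python
"""Audit CloudFront DistributionConfig documents for geo restriction and
build the corrected config. Added example; the sample inputs are constructed
and the distribution IDs (EXAMPLE1..3) are hypothetical."""
import copy
import json

# Valid RestrictionType values in a DistributionConfig. "none" means geo
# restriction is disabled, which is the condition this check flags.
ENABLED_TYPES = frozenset({"whitelist", "blacklist"})


def geo_restriction_status(distribution_config):
    """Return {'enabled': bool, 'type': str, 'countries': [...]} for one
    DistributionConfig dict. A missing Restrictions block counts as disabled."""
    geo = distribution_config.get("Restrictions", {}).get("GeoRestriction", {})
    rtype = geo.get("RestrictionType", "none")
    items = list(geo.get("Items", []))
    # Quantity must match Items; the API rejects a mismatch, but a malformed
    # document read from disk should be reported as not enabled, not trusted.
    quantity = geo.get("Quantity", len(items))
    enabled = rtype in ENABLED_TYPES and quantity == len(items) and quantity > 0
    return {"enabled": enabled, "type": rtype, "countries": items}


def with_geo_restriction(distribution_config, restriction_type, countries):
    """Return a deep copy of distribution_config with geo restriction set.
    countries are ISO 3166-1 alpha-2 codes; they are upper-cased, de-duplicated
    and validated so a typo cannot silently produce an empty or invalid list."""
    if restriction_type not in ENABLED_TYPES:
        raise ValueError("restriction_type must be 'whitelist' or 'blacklist'")
    codes = sorted({c.strip().upper() for c in countries})
    bad = [c for c in codes if len(c) != 2 or not c.isalpha()]
    if bad or not codes:
        raise ValueError(f"expected a non-empty list of 2-letter country codes, got {bad or codes}")
    updated = copy.deepcopy(distribution_config)
    updated["Restrictions"] = {"GeoRestriction": {
        "RestrictionType": restriction_type,
        "Quantity": len(codes),
        "Items": codes,
    }}
    return updated


def audit(distributions):
    """distributions: {distribution_id: DistributionConfig}.
    Returns a sorted list of (id, 'PASS'|'FAIL', detail) tuples."""
    findings = []
    for dist_id, cfg in sorted(distributions.items()):
        status = geo_restriction_status(cfg)
        if status["enabled"]:
            detail = f"{status['type']}: {','.join(status['countries'])}"
            findings.append((dist_id, "PASS", detail))
        else:
            findings.append((dist_id, "FAIL", "geo restriction not enabled"))
    return findings


# Constructed sample DistributionConfig documents (trimmed to the fields that
# matter here); the IDs are hypothetical, not real distributions.
SAMPLE_DISTRIBUTIONS = {
    "EXAMPLE1": {"Comment": "no restriction configured", "Enabled": True,
                 "Restrictions": {"GeoRestriction": {"RestrictionType": "none", "Quantity": 0}}},
    "EXAMPLE2": {"Comment": "whitelist of two countries", "Enabled": True,
                 "Restrictions": {"GeoRestriction": {"RestrictionType": "whitelist",
                                                     "Quantity": 2, "Items": ["US", "CA"]}}},
    "EXAMPLE3": {"Comment": "Restrictions block absent", "Enabled": True},
}


if __name__ == "__main__":
    for dist_id, result, detail in audit(SAMPLE_DISTRIBUTIONS):
        print(f"{dist_id}\t{result}\t{detail}")
    # Build the corrected document for a failing distribution; this is the
    # payload you would pass to update-distribution.
    fixed = with_geo_restriction(SAMPLE_DISTRIBUTIONS["EXAMPLE1"], "blacklist", ["de", "FR", "de"])
    print(json.dumps(fixed["Restrictions"], indent=2))
```

To apply the corrected document to a real distribution, fetch it with `aws cloudfront get-distribution-config --id <ID>`, keep the returned ETag, and submit the modified DistributionConfig with `aws cloudfront update-distribution --id <ID> --if-match <ETag> --distribution-config file://config.json`; the update is rejected if the ETag no longer matches, which protects against overwriting a concurrent change.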

Reference:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html

Service

CloudFront

Severity

Medium

Compliance

Mapping
