AWS AmazonCloudFront high security documentation change
Summary
Added warning about minimum TTL overriding Cache-Control headers
Security assessment
Duplicate of the TTL warning added elsewhere. Highlights potential security risk of caching sensitive content against origin directives.
Diff
diff --git a/AmazonCloudFront/latest/DeveloperGuide/cache-key-understand-cache-policy.md b/AmazonCloudFront/latest/DeveloperGuide/cache-key-understand-cache-policy.md index 1bba9c296..264343e16 100644 --- a//AmazonCloudFront/latest/DeveloperGuide/cache-key-understand-cache-policy.md +++ b//AmazonCloudFront/latest/DeveloperGuide/cache-key-understand-cache-policy.md @@ -33,0 +34,4 @@ The minimum amount of time, in seconds, that you want objects to stay in the Clo +###### Warning + +If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the `Cache-Control: no-cache`, `no-store`, or `private` directives are present in the origin headers. +