AWS Security ChangesHomeSearch

AWS AmazonCloudFront high security documentation change

Service: AmazonCloudFront · 2025-11-25 · Security-related high

File: AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.md

Summary

Added note about CloudFront Functions being triggered during TLS connection establishment for mutual TLS

Security assessment

Explicitly ties CloudFront Functions to mutual TLS (mTLS) implementation, which is a security feature requiring client authentication during TLS handshake.

Diff

diff --git a/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.md b/AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.md
index 7453e8b6e..6278d0425 100644
--- a//AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.md
+++ b//AmazonCloudFront/latest/DeveloperGuide/cloudfront-functions.md
@@ -14,0 +15,2 @@ When you associate a CloudFront function with a CloudFront distribution, CloudFr
+  * During TLS connection establishment (connection request) - currently available for mutual TLS (mTLS) connections
+