| AC_AWS_0389 | Ensure feature to compress objects automatically is configured for AWS Cloudfront | AWS | Compliance Validation | LOW |
| AC_AWS_0548 | Ensure logging is enabled for AWS CloudFront | AWS | Logging and Monitoring | MEDIUM |
| AC_AWS_0020 | Ensure failover criteria is set for AWS Cloudfront Distribution | AWS | Resilience | MEDIUM |
| AC_AWS_0547 | Ensure there is an encrypted connection between AWS CloudFront server and Origin server | AWS | Data Protection | HIGH |
| AC_AWS_0173 | Ensure a default root object is configured for AWS Cloudfront Distribution | AWS | Infrastructure Security | MEDIUM |
| AC_AWS_0394 | Ensure secure ciphers are used for AWS CloudFront distribution | AWS | Data Protection | HIGH |
| AC_AWS_0032 | Ensure a web application firewall is enabled for AWS CloudFront distribution | AWS | Infrastructure Security | MEDIUM |
| AC_AWS_0232 | Ensure insecure SSL protocols are not configured for AWS CloudFront origin | AWS | Infrastructure Security | MEDIUM |
| AC_AWS_0388 | Ensure field-level encryption is enabled for AWS CloudFront distribution | AWS | Data Protection | MEDIUM |
| AC_AWS_0390 | Ensure origin access identity is enabled for AWS CloudFront distributions with S3 origin | AWS | Identity and Access Management | MEDIUM |
| AC_AWS_0549 | Ensure geo-restriction is enabled for AWS CloudFront | AWS | Infrastructure Security | LOW |
