This document describes how to accelerate access to resources in COS through CDN in the COS Console.

Prerequisites

1. You have registered for a Tencent Cloud account and verified your identity.
2. You have activated the CDN service. For more information, please see Getting Started.

Operation Guide

Creating a bucket

For more information on how to create a bucket, please see Creating Buckets.

Configuring Acceleration

1. After creating a bucket, enter its configuration management page directly. You can also click Configuration Management in the "Operation" column of the bucket in the bucket list to enter its configuration management page.
2. Enable the default acceleration domain name.
   Generated by the system, the default acceleration domain name is the domain name passing through CDN cache nodes. You can choose to enable or disable it.
   (1) Click Edit next to the default acceleration domain name to manually enable or disable it on the default acceleration configuration page.
   
   (2) Configure the default acceleration:
   

Origin server type: Default type is default origin server, but if you have enabled static website for the origin server bucket and want to accelerate content delivery for the static website, select static website origin server.
Origin-Pull Authentication: For public-read buckets, origin-pull authentication does not need to be enabled. For private-read buckets, CDN service authorization must be added and origin-pull authentication must be enabled manually. For more information, please see Enabling Origin-pull Authentication.
CDN service authorization: Click Add CDN service authorization to select and grant CDN access to resources in the bucket.

(3) After completing the configuration, click Save to activate CDN acceleration.

For private-read buckets, if both origin-pull authentication and CDN service authorization are enabled, signature is not required for access to origin server via CDN, and cached resources in CDN will be distributed on the public network, which will affect data security. Therefore, we recommended you enable CDN authentication.

3. Enable custom acceleration domain name*.
   You can bind a filed custom domain name to the bucket and enable CDN acceleration.

   A maximum of 10 custom domain names can be added on the COS Console

   (1) Click Add domain name in the custom acceleration domain name module to add a filed custom domain name.
   
   (2) Configuration to add domain names:

Domain Name: Enter the custom domain name to be bound (e.g. www.example.com). Ensure that the ICP filing for services in Mainland China has been obtained from the MIIT for the domain name, and a corresponding CNAME has been configured for the domain name with the DNS service provider. For more information, please see CNAME Configuration.
Origin-Pull Authentication: for private-read buckets, please manually enable origin-pull authentication to protect the origin server.
After completing the configuration, click Save.

For private-read buckets, if both origin-pull authentication and CDN service authorization are enabled, signature is not required for access to origin server via CDN, and cached resources in CDN will be distributed on the public network, which will affect data security. Therefore, we recommend you enable CDN authentication.

(3) After the configuration is saved, CDN authentication switch will be displayed in the CDN Authentication column. You can manually enable CDN authentication for the custom domain name.
CDN Authentication: Timestamp authentication can be configured to prevent stealing by malicious users. You can enable the feature after adding the domain name.

For more information on how to configure CDN acceleration in the COS Console, please see Overview.