Sometimes it’s hard to figure out what’s going on in Amazon Web Services when you’re getting an error and you don’t know why.

In this case, a CloudFront distribution I pointed at EC2 was failing with a 503 Service Unavailable error.

Hitting the EC2 instance directly loaded the content just fine. So why was CloudFront complaining?

After looking around online, I saw that no one had mentioned a very specific error. But in my search I found that CloudFront server errors are cached for 5 minutes before the distributions try to hit the server again. So that was helpful information.

Usually, CloudFront distributions are applied to S3 buckets. The S3 content is basically treated as a static host, which then hands all of it’s magical content out to any one of the CloudFront servers that is being asked for the content.

However, you can also hook CloudFront up to EC2 instances… But to do so, you need to put the instance behind an Elastic Load Balancer. Once that’s done, you can manually add the ELB as an origin instead of an S3 bucket.

But what I didn’t find in google searches?

ELB’s do error checks against EC2. If the check fails, it pulls the EC2 instance out of the ELB because it thinks the server is broken.

So, if you’re getting a 503 error when using CloudFront with EC2, check you ELB!