Best ever !!! if you have a time so can you please make a whole video about all the security speciallity and if that is present so can you please paste a like !! I clear so much amount of concepts from you !! Thanks brother ! :X)
Even if Request is reaching Cloudfront but still Cloudfront will have data about Origin (source) right. In that case, it's vulnerable for attack to fetch source details.
What if at Origin the source file got updated? How Edge Location will know it? Is there any mechanism that CloudFront uses to fetch updated data from it's source and keep local cache updated?