AWS::CloudFront::OriginAccessControl

CloudFront OriginAccessControl

Creates a new origin access control in CloudFront. After you create an origin access control, you can add it to an origin in a CloudFront distribution so that CloudFront sends authenticated (signed) requests to the origin. This makes it possible to block public access to the origin, allowing viewers (users) to access the origin's content only through CloudFront. For more information about using a CloudFront origin access control, see [Restricting access to an origin](https://docs.aws.amazon...

Properties

1 configurable property. 1 required. Click a row to see details.

Filter:

Property	Type	Flags
`OriginAccessControlConfig`	`OriginAccessControlConfig`	Required

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`Id`	`string`	-

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::CloudFront::OriginAccessControl

Resources:
  MyResource:
    Type: AWS::CloudFront::OriginAccessControl
    Properties:
      OriginAccessControlConfig: "value"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

cloudfront:CreateOriginAccessControl

delete

cloudfront:DeleteOriginAccessControlcloudfront:GetOriginAccessControl

list

cloudfront:ListOriginAccessControls

read

cloudfront:GetOriginAccessControl

update

cloudfront:UpdateOriginAccessControlcloudfront:GetOriginAccessControl

Get the CloudFront Cheat Sheet

Everything you need to know about CloudFront on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceCloudFront

Properties2

Required1

TaggingNot supported

Primary IDId

Supported Operations

CreateDeleteListReadUpdate

Related Resources

External Links

AWS Documentation