AWS Fundamentals Logo
AWS Fundamentals
AWS::CloudFront::OriginAccessControl

CloudFront OriginAccessControl

Creates a new origin access control in CloudFront. After you create an origin access control, you can add it to an origin in a CloudFront distribution so that CloudFront sends authenticated (signed) requests to the origin. This makes it possible to block public access to the origin, allowing viewers (users) to access the origin's content only through CloudFront. For more information about using a CloudFront origin access control, see [Restricting access to an origin](https://docs.aws.amazon...

Properties

1 configurable property. 1 required. Click a row to see details.

Filter:
PropertyTypeFlags
OriginAccessControlConfig
OriginAccessControlConfig
Required

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

AttributeTypeDescription
Idstring-

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml
AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::CloudFront::OriginAccessControl

Resources:
  MyResource:
    Type: AWS::CloudFront::OriginAccessControl
    Properties:
      OriginAccessControlConfig: "value"

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

cloudfront:CreateOriginAccessControl

delete

cloudfront:DeleteOriginAccessControlcloudfront:GetOriginAccessControl

list

cloudfront:ListOriginAccessControls

read

cloudfront:GetOriginAccessControl

update

cloudfront:UpdateOriginAccessControlcloudfront:GetOriginAccessControl

Get the CloudFront Cheat Sheet

Everything you need to know about CloudFront on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceCloudFront
Properties2
Required1
TaggingNot supported
Primary IDId

Supported Operations

CreateDeleteListReadUpdate

Related Resources

External Links