(cloudfront.distribution): (No way to set the Origin access to Origin access control settings (recommended)) #27802
Labels
@aws-cdk/aws-cloudfront
Related to Amazon CloudFront
closed-for-staleness
This issue was automatically closed because it hadn't received any attention in a while.
feature-request
A feature should be added or improved.
p2
response-requested
Waiting on additional info and feedback. Will move to "closing-soon" in 7 days.
Comments
aramatev
added
feature-request
|
I guess this is related to #21771 ? |
pahud
added
response-requested
|
This issue has not received a response in a while. If you want to keep this issue open, please leave a comment below and auto-close will be canceled. |
github-actions
bot
added
closing-soon
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the feature
in python aws cdk, there is no way to create Origin access control setting, which is the recommended way. Furthermore when you go to create Distribution there is no way to set the origin access to AOC, the only IOrigin I see is AOI, which also does not work cloudfront.OriginAccessIdentity(). So currently there is no way to make Cloudfront to s3 website work without getting 403 forbidden error.
See, https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#private-content-oac-permission-to-access-s3
You can use the legacy way the cloudfront.CloudFrontWebDistribution() way, but it is deprecated and we're told to use Distribution. So please make it work.
Use Case
It seems like we're missing a recommended way to set S3 origin source in cloudfront distribution.
Proposed Solution
I think this is simply not coded and needs to be
Other Information
No response
Acknowledgements
CDK version used
aws-cdk-lib==2.99.1
Environment details (OS name and version, etc.)
macos, node v20.8.0, python 3.9.13
The text was updated successfully, but these errors were encountered: