1 Respuesta
- Más nuevo
- Más votos
- Más comentarios
0
The bucket policy determines the access to your bucket. By setting it up for OAI access you're effectively denying any other web-based access to the bucket. You can (if you like) add an Allow
statement but that kind of defeats the purpose of using OAI which is to restrict access to the bucket only to CloudFront.
Contenido relevante
- OFICIAL DE AWSActualizada hace un año
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 2 años
- OFICIAL DE AWSActualizada hace 3 años
I know the oai settings on s3. In cloudfront, the distribution domain uses oai and the origin domain, The original domain is only the rest api of s3, so I want to check if it is normal to not be able to connect if oai is set.
By default, if you have an "Allow" in your bucket policy for the OAI access and nothing else then there is an implicit deny in place. It will be completely normal for all other access to the bucket to be denied. More information in this blog post.