Congito Federation identity aws credential permission access to cdn origins3

Excuse me but my question is different, I don't want to use a lambda@edge function in viewer_request(authoriz) but I would like a flat url that has associated aws credentials to invoke the resource within cloudfront. to directly invoke s3 I use amplify which generates the url for s3. I would like equivalent for cloudfront if it exists?

example of creating the s3 url with aws credentials retrieved from congito.

• Amplify.Storage.configure({ region:region , bucket: resource.s3Bucket , level: 'public', credentials: currentUserCredentials.value, customPrefix: { public: '', } }); resource.s3PublicUrl = await Storage.get( resource.s3Key );*

URL like this: https://@mybucket.s3.eu-west-1.amazonaws.com/resources/company-b/ce424f31-4901-451f-a105-8539f67204ec/04e5270d-bf16-46b0-9393-f9e25584f45a_image-25.jpg?x -amz-content-sha256=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&x-amz-user-agent=aws-amplify%2F5.3.13+storage%2F2+framework%2F4&X-Amz-Algorithm= AWS4-HMAC-SHA256&X-Amz-Credential=ASIA2CEJGFIT773UNRXO%2F20240208%2Feu -west-1%2Fs3%2Faws4_request&X-Amz-Date=20240208T114456Z&X-Amz-SignedHeaders=host&X-Amz-expires=900&X-Amz-Security-Token=IQoJb3JpZ2lu pIqTwYZdqi4X8%2BTNd5hPSK3tQa5CR3YX1dAIgO2dUkJdUGzdo4WlSgau0dXUiWOvjz2fNMQdtmFOESjkqyAUI7f%2F%2F%2F%2F%2F%2F%2F %2F%2F%2FARADGgw2OTE3Nzc0NDg0ODciDIKAhP9SwjLeXc%2B%2B8yqcBdLlnIOs5AQAbWtGpnIrS4iW9xpTScjlTkW38UrsrddmclOgDaWBu%2Fk9UuGB3tT1ejBkuF%2Bz%2FLqi6%2Fe QjEBQ4tKuDEepkXGV7qgd4mTjeLXzjgvnaD8UAkNTYDqG1p%2ByjugApyQFs8q%2FnEWZKca13niuO3%2BFKiLiSv3vgLCZAs7s0aRgMghOHeYLbCKZ2jFQc7jOj1laXg2V0uiNVLnfGNWC9IVkBr J6xPGP2P8i9YIq6XU8aCxQawGWFl4rod9oj6Tj5aH6hONiuTYIQfTvRj07UdiFAeRyxcsA%2BIhOr3isj%2FYgXhhDN4EnAtm7vHpr4Wqd7X7VomDsBWIjkvYQFie5eFiCc3NjM9tVZJ8LX t8JImXkgJFTg3T4bghT6nzoRXEgKVSfh6goaSih2xGk3mC2E%2FxQUpEBVRDna8KAH5CjwdQBrwUWbkzGYEtlM5HvWzbuzLyjnpEspsl7HSrij8R24Ft3vjeUJblU2JFtgR3G04g3c%2FD728Q q%2BIk79ATBgCd0V9zhZsXALm1Lb4D4z59mzNaRqwpC4J57Si4v8G2wjd5s%2F2yM7PUD05QyAhfpUNLtkKmnAegKvjYf2UBYXHQ2yszYg5r03qo2fySPWN07AgOTAbvHJ7K%2FrESua1Di 8CgfQdO%2FoZoNdFCt7XBgU9HWSde9Xy3BtyRzLGGzpogmYtFmbj2QICaNTXe0JfKrgH6W4UQ0Tbwu57DIsr8seuvpsVSm1eurUjXcOVKfQm7XUsXPAY69AWuD14g0E4l%2FCR43DAyzS32Cf2yIO 8FGjvZN7XR9q3MpD75q2ZVNY9XINOpIIglAlra9yVi%2FvTJOFGX4zPu186sdLcWLq4lxmGeDBV0umWwLDQbTzIAfNugu8%2B8Jrhmi0bm%2BnCBeMLj9kq4GOoUCpiytjf3GgFdBsvrKbpk5f6d 51m0af92tW%2BXWG21f0SeKnRccGq271WUHGuOM %2FGMdfDLMH62Ske3Mn2jym3LZ7XofYeOBL%2BxuAQdCPdJaFuyp6tOzKhbdN9M%2FhLCN5317MbP3h4Ky6uJB4jYAXxNtYFYT2q7iXEvPdzlJX9mFWfWZ0VCfXMugIDBEhgsdPIMdHPx 8tnrr78RzEIFoP9Fds1rLIrth%2B1f2z2vwvjp06g1EJ3JT5fvO%2Fry9FuRCSOFsSsLrImrCWYpv5ZGSV9Vz8pYxUkTS7XpNvjFKJEuy4PlCuYyGIhU%2Fju%2BZjVQ74J4aHxDUFjG ejHiykP0FFOmAzPp4vbEx&X-Amz-Signature=69988c04e9ae8bf987417920099b61e5a2c8b9af6167d399e0233ee6ca64ea92