Whether you're taking your first steps with Kubernetes or you're an experienced practitioner looking to sharpen your skills, our Amazon EKS workshop series delivers practical, real-world experience that moves you forward. Learn directly from AWS solutions architects and EKS specialists through hands-on sessions designed to build your confidence with Kubernetes. Register now and start building with Amazon EKS!
How to restrict access to S3 assets (via CloudFront) based on asset meta data that is stored in a third party application?
One of my customers wants to restrict access to S3 bucket via Cloudfront. I assume Origin Access Identity (OAI) can be used here. But the access is conditional (i.e based on some asset meta data in third party application). What is the best way to achieve this ? Add some sort of custom header in CloudFront call after looking up that external asset and then use that header in Policy Statement ?
- Language
- English
- Newest
- Most votes
- Most comments
Use OAI to restrict access to the distribution solely to CloudFront, and then use Lambda@Edge (origin request event) to apply access control on application level.
Relevant content
- AWS OFFICIALUpdated 4 months ago
- AWS OFFICIALUpdated 5 months ago
