- Newest
- Most votes
- Most comments
Thanks for details. Not sure if I completely understand the requirement, but you could certainly restrict the access from a range of IP addresses and extend the validity using custom policy. Here's an example: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html#private-content-custom-policy-statement-example-one-object
Please feel free to provide more details in case of further questions, thank you.
You are already using Signed URl's if I understand correctly and what you want now is to secure your front-end server to only allow requests coming from Amazon CloudFront. Is that correct? If this is the case you can use custom headers to be added to the request to your front-end servers and only requests that have the custom header will be served. See the following documentation: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-overview.html Look at the section - Restricting access to files on custom origins
Relevant content
- Accepted Answer
- asked 9 months ago
- asked 2 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated 15 days ago