How to restrict access to S3 assets (via CloudFront) based on asset meta data that is stored in a third party application?

One of my customers wants to restrict access to S3 bucket via Cloudfront. I assume Origin Access Identity (OAI) can be used here. But the access is conditional (i.e based on some asset meta data in third party application). What is the best way to achieve this ? Add some sort of custom header in CloudFront call after looking up that external asset and then use that header in Policy Statement ?

主題

儲存空間網路與內容交付

標籤

Amazon Simple Storage Service Amazon CloudFront

語言

English

Albeda_S

已提問 4 年前檢視次數 328 次

1 個回答

最新
最多得票
最多評論

這些答案是否有幫助？支持正確答案，以幫助社區從您的知識中受益。

已接受的答案

Use OAI to restrict access to the distribution solely to CloudFront, and then use Lambda@Edge (origin request event) to apply access control on application level.

專家

achraf

已回答 4 年前

How to restrict access to S3 assets (via CloudFront) based on asset meta data that is stored in a third party application?

相關內容