Skip to content

Resource: awsCloudfrontOriginAccessControl

Manages an AWS CloudFront Origin Access Control, which is used by CloudFront Distributions with an Amazon S3 bucket as the origin.

Read more about Origin Access Control in the CloudFront Developer Guide.

Example Usage

Basic Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.cloudfrontOriginAccessControl.CloudfrontOriginAccessControl(
  this,
  "example",
  {
    description: "Example Policy",
    name: "example",
    originAccessControlOriginType: "s3",
    signingBehavior: "always",
    signingProtocol: "sigv4",
  }
);

Argument Reference

The following arguments are required:

  • name - (Required) A name that identifies the Origin Access Control.
  • description - (Required) The description of the Origin Access Control. It may be empty.
  • originAccessControlOriginType - (Required) The type of origin that this Origin Access Control is for. The only valid value is s3.
  • signingBehavior - (Required) Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, noOverride.
  • signingProtocol - (Required) Determines how CloudFront signs (authenticates) requests. Valid values: sigv4.

Attributes Reference

In addition to all arguments above, the following attributes are exported:

  • id - The unique identifier of this Origin Access Control.
  • etag - The current version of this Origin Access Control.

Import

CloudFront Origin Access Control can be imported using the id. For example:

$ terraform import aws_cloudfront_origin_access_control.example E327GJI25M56DG