AWS::CloudFront::OriginAccessControl - Amazon CloudFormation
SyntaxPropertiesReturn values
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

AWS::CloudFront::OriginAccessControl

Creates a new origin access control in CloudFront. After you create an origin access control, you can add it to an origin in a CloudFront distribution so that CloudFront sends authenticated (signed) requests to the origin.

This makes it possible to block public access to the origin, allowing viewers (users) to access the origin's content only through CloudFront.

For more information about using a CloudFront origin access control, see Restricting access to an Amazon origin in the Amazon CloudFront Developer Guide.

Syntax

To declare this entity in your Amazon CloudFormation template, use the following syntax:

JSON

{
  "Type" : "AWS::CloudFront::OriginAccessControl",
  "Properties" : {
      "OriginAccessControlConfig" : OriginAccessControlConfig
    }
}

YAML

Type: AWS::CloudFront::OriginAccessControl
Properties:
  OriginAccessControlConfig: 
    OriginAccessControlConfig

Properties

OriginAccessControlConfig

The origin access control.

Required: Yes

Type: OriginAccessControlConfig

Update requires: No interruption

Return values

Ref

For more information about using the Ref function, see Ref.

Fn::GetAtt

The Fn::GetAtt intrinsic function returns a value for a specified attribute of this type. The following are the available attributes and sample return values.

For more information about using the Fn::GetAtt intrinsic function, see Fn::GetAtt.

Id

The unique identifier of the origin access control.