GetCloudFrontOriginAccessIdentity - Amazon CloudFront
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).


Get the information about an origin access identity.

Request Syntax

GET /2020-05-31/origin-access-identity/cloudfront/Id HTTP/1.1

URI Request Parameters

The request uses the following URI parameters.


The identity's ID.

Required: Yes

Request Body

The request does not have a request body.

Response Syntax

HTTP/1.1 200 <?xml version="1.0" encoding="UTF-8"?> <CloudFrontOriginAccessIdentity> <CloudFrontOriginAccessIdentityConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> </CloudFrontOriginAccessIdentityConfig> <Id>string</Id> <S3CanonicalUserId>string</S3CanonicalUserId> </CloudFrontOriginAccessIdentity>

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in XML format by the service.


Root level tag for the CloudFrontOriginAccessIdentity parameters.

Required: Yes


The current configuration information for the identity.

Type: CloudFrontOriginAccessIdentityConfig object


The ID for the origin access identity, for example, E74FTE3AJFJ256A.

Type: String


The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3.

Type: String


For information about the errors that are common to all actions, see Common Errors.


Access denied.

HTTP Status Code: 403


The specified origin access identity does not exist.

HTTP Status Code: 404

See Also

For more information about using this API in one of the language-specific Amazon SDKs, see the following: