Menu
I want to restrict bucket access to certain IPs. I know how to create a bucket policy from Restricting Access to Specific IP Addresses.
My question: Can this work with CloudFront? How? Can I allow only certain IPs to access CloudFront?
985
CloudFront doesn't support assigning a static IP address to distributions. When a user requests content from CloudFront, DNS returns 4 IP addresses of the edge location with the lowest latency. This allows content to be delivered with the best possible performance.
You can control user access to your private content in two ways: Restrict access to files in CloudFront caches. Restrict access to files in your origin by doing one of the following: Set up an origin access control (OAC) for your Amazon S3 bucket.
Web Application Firewall is your friend.
http://docs.aws.amazon.com/waf/latest/developerguide/web-acl-ip-conditions.html
Create your rule with your IP Addresses and rest "WAF" will take care.
You need to apply this to the required CloudFront Distribution.
You can restrict your bucket policies to CloudFront and restrict to your required IP's through CloudFront.
184
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
