You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+19Lines changed: 19 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -86,6 +86,25 @@ distribution:
86
86
viewer-request: arn:aws:lambda:us-east-1:123:function:myFunc:version # lambda ARN including version
87
87
```
88
88
89
+
#### Private S3 Content
90
+
91
+
To restrict access to content that you serve from S3 you can mark as `private` your S3 origins:
92
+
93
+
```yml
94
+
# serverless.yml
95
+
96
+
distribution:
97
+
component: '@serverless/aws-cloudfront'
98
+
inputs:
99
+
origins:
100
+
- url: https://my-private-bucket.s3.amazonaws.com
101
+
private: true
102
+
```
103
+
104
+
A bucket policy will be added that grants CloudFront with access to the bucket objects. Note that it doesn't remove any existing permissions on the bucket. If users currently have permission to access the files in your bucket using Amazon S3 URLs you will need to manually remove those.
105
+
106
+
This is documented in more detail here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
0 commit comments