Serving Private Content
To configure CloudFront to serve private content, do the following tasks:
- (Optional but recommended) Require your users to access your content only
through CloudFront. The method that you use depends on whether you’re using
Amazon S3 or custom origins:
- Amazon S3
See Restricting Access to Amazon S3 Content by Using an Origin Access Identity.
- Custom origin
See Restricting Access to Files on Custom Origins.
Custom origins include Amazon EC2, Amazon S3 buckets
configured as website endpoints, Elastic Load Balancing,
and your own HTTP web servers.
- Specify the AWS accounts that you want to use to create signed URLs or
see Specifying the AWS Accounts That Can Create Signed URLs and Signed Cookies (Trusted Signers).
- Write your application to respond to requests from authorized users either
with signed URLs or with Set-Cookie headers that set signed cookies. Follow
the steps in one of the following topics: