Step 1—Upload Your Content to Amazon S3 and Grant Object Permissions

CloudFront can distribute almost any type of file for you using an Amazon S3 bucket as the source, and there is no limit to the amount of data that you can store on Amazon S3.

By default, your Amazon S3 bucket and all the files in it are private—only the AWS account that created the bucket has read/write permission to the files. If you want to allow anyone to access the files in your Amazon S3 bucket using CloudFront URLs, you must grant public read permissions to the objects. You must explicitly grant permissions to each object in an Amazon S3 bucket.

If you want to restrict who can download your content, you can use the CloudFront private content feature. For more information about distributing private content:

• see Serving Private Content with Signed URLs and Signed Cookies.

• Upload your content to Amazon S3 and grant read permissions to everyone
  1. open the Amazon S3 console
  2. choose Create bucket
  3. on the Name and region page, do the following:
     • enter a bucket name
     • choose an AWS Region
  4. choose Next
  5. on the Configure options page, choose options for versioning, tagging, and other features.
  6. choose Next
  7. on the Set permissions page, clear the following check box:
     • Block all public access

       You must allow public read access to the bucket and files so that CloudFront URLs can serve content from the bucket. However, you can restrict access to specific content by using the CloudFront private content feature.

       • see Serving Private Content with Signed URLs and Signed Cookies
  8. choose Next, and then choose Create bucket.
  9. In the Buckets pane, choose your bucket, and then choose Upload.
  10. choose Add files, and then choose the files that you want to upload.
  11. choose Next
  12. On the Set permissions page, grant public read privileges for each file that you upload to your Amazon S3 bucket.
      • choose Next to set permissions
      • for Manage public permissions, choose Grant public read access to this object(s)
      • choose Next
  13. Set any properties that you want for the object, such as encryption or tagging, and then choose Next
  14. choose Upload

  Use your Amazon S3 URL to verify that your content is publicly accessible.