PRACTICAL

1. Creating CloudFront

cloudfront -> create distribution -> web -> select origin domain name (bucket dns name) -> viewer protocol policy (HTTP & HTTPS) -> allowed HTTP method (GET, HEAD) -> price class (use all edge location) -> create distribution. Copy the domain name from distribution and replace it in the file -> wait till the cdn gets deployed (upto 20 mins)

Use the existing WordPress instance that we have launched -> create post paste the cdn url.

(note: For cdn replace the cdn domain name with s3 and https with http

Use the existing file a Use the existing file add

Use the existing file add

<source src="http://s3.ap-south1.amazonaws.com/awscdncheck/videoplayback.mp4" type="video/mp4"> /video>

(note: to verify video is public)

Mainly used to securely serve this private content using CloudFront
users access your private content by using special CloudFront signed URLs or signed cookies.
users access your Amazon S3 content using CloudFront URLs, not Amazon S3 URLs.
Cloudfront -> private content -> origin access identity (oai) -> create oai (CloudFront OAI to objects S3 bucket) -> select the existing distribution -> goto origin -> edit -> restrict bucket access (yes) -> origin access identity (use an existing one) -> your identities (CloudFront OAI to objects S3 bucket) -> grant read permission on bucket (yes update bucket policy) ->verify the bucket policy is update by selecting the bucket click on edit bucket policy there you can see the updated policy -> select the object in the bucket -> remove “everyone” permission to restrict public access from s3 -> save -> check the file with s3 link which won’t be able to access.

An origin access identity is a special CloudFront user that you can use to give CloudFront access to your Amazon S3 bucket. This is useful when you are using signed URLs or signed cookies to restrict access to private content in Amazon S3

Last updated 5 years ago