How to allow CloudFront to access certain S3?

Question

I'm new to AWS. Now I want to write a java code to use CloudFront to access a s3.

I create a S3 bucket. But I don't know how to get cloudfront object using S3 credentials.

I read the AWS JAVA API, it seems that the code should be in this form:

AmazonCloudFrontClient cloudfront = new AmazonCloudFrontClient(credentials);
CreateCloudFrontOriginAccessIdentityRequest originRequest = new CreateCloudFrontOriginAccessIdentityRequest();
originRequest.setRequestCredentials(credentials);

cloudfront.createCloudFrontOriginAccessIdentity(originRequest);

But I don't see a S3ID or something to set the S3 to the cloudfront.

Answer 1

If you want to serve your S3 files with CloudFront, it usually means that you want the S3 bucket to be publicly available. You can simply define your objects and bucket as public though S3 interfaces (Web console, API, or 3rd party tools as CloudBerry or Bucket Explorer).

You can also set it with the Java SDK

Statement allowPublicReadStatement = new Statement(Effect.Allow)
         .withPrincipals(Principal.AllUsers)
         .withActions(S3Actions.GetObject)
         .withResources(new S3ObjectResource(myBucketName, "*"));

Policy policy = new Policy()
         .withStatements(allowPublicReadStatement);

AmazonS3 s3 = new AmazonS3Client(myAwsCredentials);
s3.setBucketPolicy(myBucketName, policy.toJson());

If you want to serve private files, you can check the documentations here: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html