AWS > S3 >

S3 Bucket Policy CloudFront OAC

MEDIUM
Source
CloudSploit
ID
s3-bucket-policy-cloudfront-oac

S3 Bucket Policy CloudFront OAC

Ensures S3 bucket is origin to only one distribution and allows only that distribution.

Access to CloudFront origins should only happen via ClouFront URL and not from S3 URL or any source in order to restrict access to private data.

Review the access policy for S3 bucket which is an origin to a CloudFront distribution. Make sure the S3 bucket is origin to only one distribution.