How to restrict access just to cloudfront from a custom origin server?

amazon-cloudfront

if i understood well, in order to create a custom origin distribution, I need to make public those files on my custom origin server.

In my case, that will be put those files into a public dir of an apache server. My question is, is it possible to restrict access to that apache server to just cloudfront?

I know how to do it to allow only one ip, but, how to do it with cf?

Thanks in advance!


You could restrict access to the published Amazon CloudFront Public IP Ranges; however, be aware of the respective disclaimer by Amazon:

The CloudFront IP addresses change frequently and we cannot guarantee advance notice of changes. On a best-effort basis, we will provide the list of current addresses. Customers should not use these addresses for mission critical applications and must never hard code them in DNS names. [emphasis mine]

Consequently you should monitor this forum/post to take notice of respective changes as early as possible (if this constraint is acceptable for your use case in the first place of course).

Related

Is it possible to re-cab an Administrative Install Point?
Windows Server 2008 R2 RAS VPN: access server on internal interface ip
Windows Server Cluster & Strange Day Light Savings Time Behaviour
Enable Remote Desktop File Transfer
Gitolite, how to include .conf file with a relative path?
Mapping Drive Error - System Error 1808
How to disable scroll acceleration in macOS Monterey
Creating a new file blocks Textmate
Access to Keychain items is restricted
Defer Sending Email using Mail.app
Can Time Machine on a server use quota?
Is there a way to disable web page auto refresh in Safari?