AWS AmazonCloudFront documentation change
Summary
Updated references from 'AWS CloudFormation' to 'CloudFormation' for terminology consistency
Security assessment
The changes are purely terminological adjustments to use the product name 'CloudFormation' instead of 'AWS CloudFormation'. No security-related content was added, removed, or modified in substance. The documentation continues to describe the same security mechanisms (OAC configuration) without altering security guidance.
Diff
diff --git a/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-mediastore.md b/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-mediastore.md index 2362bd68e..4bc978f13 100644 --- a//AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-mediastore.md +++ b//AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-mediastore.md @@ -124 +124 @@ To allow write access, you must configure **Allowed HTTP methods** to include `P -To create an OAC, you can use the AWS Management Console, AWS CloudFormation, the AWS CLI, or the CloudFront API. +To create an OAC, you can use the AWS Management Console, CloudFormation, the AWS CLI, or the CloudFront API. @@ -174 +174 @@ CloudFormation -To create an origin access control (OAC) with AWS CloudFormation, use the `AWS::CloudFront::OriginAccessControl` resource type. The following example shows the AWS CloudFormation template syntax, in YAML format, for creating an origin access control. +To create an origin access control (OAC) with CloudFormation, use the `AWS::CloudFront::OriginAccessControl` resource type. The following example shows the CloudFormation template syntax, in YAML format, for creating an origin access control. @@ -257 +257 @@ The CloudFront origin access control feature includes advanced settings that are -Origin access control contains a setting named **Signing behavior** (in the console), or `SigningBehavior` (in the API, CLI, and AWS CloudFormation). This setting provides the following options: +Origin access control contains a setting named **Signing behavior** (in the console), or `SigningBehavior` (in the API, CLI, and CloudFormation). This setting provides the following options: @@ -262 +262 @@ Origin access control contains a setting named **Signing behavior** (in the cons -We recommend using this setting, named **Sign requests (recommended)** in the console, or `always` in the API, CLI, and AWS CloudFormation. With this setting, CloudFront always signs all requests that it sends to the MediaStore origin. +We recommend using this setting, named **Sign requests (recommended)** in the console, or `always` in the API, CLI, and CloudFormation. With this setting, CloudFront always signs all requests that it sends to the MediaStore origin. @@ -267 +267 @@ We recommend using this setting, named **Sign requests (recommended)** in the co -This setting is named **Do not sign requests** in the console, or `never` in the API, CLI, and AWS CloudFormation. Use this setting to turn off origin access control for all origins in all distributions that use this origin access control. This can save time and effort compared to removing an origin access control from all origins and distributions that use it, one by one. With this setting, CloudFront does not sign any requests that it sends to the MediaStore origin. +This setting is named **Do not sign requests** in the console, or `never` in the API, CLI, and CloudFormation. Use this setting to turn off origin access control for all origins in all distributions that use this origin access control. This can save time and effort compared to removing an origin access control from all origins and distributions that use it, one by one. With this setting, CloudFront does not sign any requests that it sends to the MediaStore origin. @@ -276 +276 @@ To use this setting, the MediaStore origin must be publicly accessible. If you u -This setting is named **Do not override authorization header** in the console, or `no-override` in the API, CLI, and AWS CloudFormation. Use this setting when you want CloudFront to sign origin requests only when the corresponding viewer request does not include an `Authorization` header. With this setting, CloudFront passes on the `Authorization` header from the viewer request when one is present, but signs the origin request (adding its own `Authorization` header) when the viewer request doesn't include an `Authorization` header. +This setting is named **Do not override authorization header** in the console, or `no-override` in the API, CLI, and CloudFormation. Use this setting when you want CloudFront to sign origin requests only when the corresponding viewer request does not include an `Authorization` header. With this setting, CloudFront passes on the `Authorization` header from the viewer request when one is present, but signs the origin request (adding its own `Authorization` header) when the viewer request doesn't include an `Authorization` header.