AWS AmazonCloudFront documentation change
Summary
Added note that S3 Multi-Region Access Points require different OAC configuration and link to specific documentation.
Security assessment
The change clarifies configuration differences for a security feature (Origin Access Control) when using a new origin type. It provides guidance to avoid misconfiguration but does not address a specific security incident.
Diff
diff --git a/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.md b/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.md index 247c138e9..5796a94f8 100644 --- a//AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.md +++ b//AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.md @@ -29,0 +30,2 @@ OAI doesn't support these features or it requires extra workarounds in those sce + * If you use an Amazon S3 Multi-Region Access Point as your CloudFront origin, see [Restrict access to an Amazon S3 Multi-Region Access Point origin](./private-content-restricting-access-to-s3-mrap.html). S3 Multi-Region Access Points require a different OAC configuration. +