Package software.amazon.awscdk.services.cloudfront

Class OriginAccessIdentity

java.lang.Object

software.amazon.jsii.JsiiObject

software.constructs.Construct

software.amazon.awscdk.Resource

software.amazon.awscdk.services.cloudfront.OriginAccessIdentity

All Implemented Interfaces:

IResource, IOriginAccessIdentity, IGrantable, software.amazon.jsii.JsiiSerializable, software.constructs.IConstruct, software.constructs.IDependable

@Generated(value="jsii-pacmak/1.104.0 (build e79254c)",
           date="2024-12-17T21:37:27.650Z")
@Stability(Stable)
public class OriginAccessIdentity
extends Resource
implements IOriginAccessIdentity

An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content.

Example:

 Bucket myBucket = new Bucket(this, "myBucket");
 OriginAccessIdentity myOai = OriginAccessIdentity.Builder.create(this, "myOAI")
         .comment("My custom OAI")
         .build();
 IOrigin s3Origin = S3BucketOrigin.withOriginAccessIdentity(myBucket, S3BucketOriginWithOAIProps.builder()
         .originAccessIdentity(myOai)
         .build());
 Distribution.Builder.create(this, "myDist")
         .defaultBehavior(BehaviorOptions.builder()
                 .origin(s3Origin)
                 .build())
         .build();
 

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
static final class	OriginAccessIdentity.Builder	A fluent builder for OriginAccessIdentity.

Nested classes/interfaces inherited from class software.amazon.jsii.JsiiObject

software.amazon.jsii.JsiiObject.InitializationMode

Nested classes/interfaces inherited from interface software.constructs.IConstruct

software.constructs.IConstruct.Jsii$Default

Nested classes/interfaces inherited from interface software.amazon.awscdk.services.cloudfront.IOriginAccessIdentity

IOriginAccessIdentity.Jsii$Default, IOriginAccessIdentity.Jsii$Proxy

Nested classes/interfaces inherited from interface software.amazon.awscdk.IResource

IResource.Jsii$Default

Constructor Summary

Constructors

Modifier	Constructor	Description
protected	OriginAccessIdentity(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)
protected	OriginAccessIdentity(software.amazon.jsii.JsiiObjectRef objRef)
	OriginAccessIdentity(software.constructs.Construct scope, String id)
	OriginAccessIdentity(software.constructs.Construct scope, String id, OriginAccessIdentityProps props)

Method Summary

Modifier and Type	Method	Description
protected String	arn()	The ARN to include in S3 bucket policy to allow CloudFront access.
static IOriginAccessIdentity	fromOriginAccessIdentityId(software.constructs.Construct scope, String id, String originAccessIdentityId)	Creates a OriginAccessIdentity by providing the OriginAccessIdentityId.
static IOriginAccessIdentity	fromOriginAccessIdentityName(software.constructs.Construct scope, String id, String originAccessIdentityName)	Deprecated. use fromOriginAccessIdentityId
String	getCloudFrontOriginAccessIdentityS3CanonicalUserId()	The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3.
IPrincipal	getGrantPrincipal()	Derived principal value for bucket access.
String	getOriginAccessIdentityId()	The Origin Access Identity Id (physical id) This was called originAccessIdentityName before.
String	getOriginAccessIdentityName()	Deprecated. use originAccessIdentityId instead

Methods inherited from class software.amazon.awscdk.Resource

applyRemovalPolicy, generatePhysicalName, getEnv, getPhysicalName, getResourceArnAttribute, getResourceNameAttribute, getStack, isOwnedResource, isResource

Methods inherited from class software.constructs.Construct

getNode, isConstruct, toString

Methods inherited from class software.amazon.jsii.JsiiObject

jsiiAsyncCall, jsiiAsyncCall, jsiiCall, jsiiCall, jsiiGet, jsiiGet, jsiiSet, jsiiStaticCall, jsiiStaticCall, jsiiStaticGet, jsiiStaticGet, jsiiStaticSet, jsiiStaticSet

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface software.constructs.IConstruct

getNode

Methods inherited from interface software.amazon.awscdk.IResource

applyRemovalPolicy, getEnv, getStack

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Constructor Details

OriginAccessIdentity

protected OriginAccessIdentity(software.amazon.jsii.JsiiObjectRef objRef)

OriginAccessIdentity

protected OriginAccessIdentity(software.amazon.jsii.JsiiObject.InitializationMode initializationMode)

OriginAccessIdentity

@Stability(Stable)
public OriginAccessIdentity(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @Nullable
 OriginAccessIdentityProps props)

Parameters:

scope - This parameter is required.

id - This parameter is required.

props -

OriginAccessIdentity

@Stability(Stable)
public OriginAccessIdentity(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id)

Parameters:

scope - This parameter is required.

id - This parameter is required.

Method Details

fromOriginAccessIdentityId

@Stability(Stable)
@NotNull
public static IOriginAccessIdentity fromOriginAccessIdentityId(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 String originAccessIdentityId)

Creates a OriginAccessIdentity by providing the OriginAccessIdentityId.

Parameters:

scope - This parameter is required.

id - This parameter is required.

originAccessIdentityId - This parameter is required.

fromOriginAccessIdentityName

@Stability(Deprecated)
@Deprecated
@NotNull
public static IOriginAccessIdentity fromOriginAccessIdentityName(@NotNull
 software.constructs.Construct scope,
 @NotNull
 String id,
 @NotNull
 String originAccessIdentityName)

Deprecated.

use fromOriginAccessIdentityId

(deprecated) Creates a OriginAccessIdentity by providing the OriginAccessIdentityId.

It is misnamed and superseded by the correctly named fromOriginAccessIdentityId.

Parameters:

scope - This parameter is required.

id - This parameter is required.

originAccessIdentityName - This parameter is required.

arn

@Stability(Stable)
@NotNull
protected String arn()

The ARN to include in S3 bucket policy to allow CloudFront access.

getCloudFrontOriginAccessIdentityS3CanonicalUserId

@Stability(Stable)
@NotNull
public String getCloudFrontOriginAccessIdentityS3CanonicalUserId()

The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3.

getGrantPrincipal

@Stability(Stable)
@NotNull
public IPrincipal getGrantPrincipal()

Derived principal value for bucket access.

Specified by:

getGrantPrincipal in interface IGrantable

getOriginAccessIdentityId

@Stability(Stable)
@NotNull
public String getOriginAccessIdentityId()

The Origin Access Identity Id (physical id) This was called originAccessIdentityName before.

Specified by:

getOriginAccessIdentityId in interface IOriginAccessIdentity

getOriginAccessIdentityName

@Stability(Deprecated)
@Deprecated
@NotNull
public String getOriginAccessIdentityName()

Deprecated.

use originAccessIdentityId instead

(deprecated) The Origin Access Identity Id (physical id) It is misnamed and superseded by the correctly named originAccessIdentityId.

Specified by:

getOriginAccessIdentityName in interface IOriginAccessIdentity