|
|
|
|
|
|
by kmeisthax
974 days ago
|
|
|
So, the CloudFront setup process only surfaces S3, ELBs, API Gateways, Mediastore, and Mediapackage domains as origin domains. I do notice that it will let me type in an arbitrary domain - is that how you're supposed to stick bare EC2 instances behind CloudFront? Just provide it something like realoriginserverplsdonthack.example.com and use some other method (e.g. VPC configuration) to prevent bypassing CloudFront? |
|
|
If you want to lock ec2 access to cloudfront only you can do it in SG with "managed prefix list for CloudFront".