top of page

CloudFront.2

CloudFront distributions should have origin access identity enabled

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon CloudFront

AWS Foundational Best Practice, NIST CSF, NIST.800-53.r5,

This control checks whether an Amazon CloudFront distribution with an Amazon S3 origin type has Origin Access Identity (OAI) configured. The control fails if the CloudFront distribution that is backed by Amazon S3 does not have OAI configured.

bottom of page