Migrating from IAM Secret and Access Keys to OIDC for Secure AWS Deployments
Changing our GitHub Action to leverage OIDC instead of hard-coded AWS Secret and Access Keys.
tag: Aws-Cloudfront
Protect your S3-hosted static website with Origin Access Control
I previously wrote about Deploying a Jekyll website to AWS S3 with GitHub Actions and AWS CloudFormation. However, as I continue to learn more about AWS, the more tweaks I realize we can make. What I want to walk through today is removing the public access to our S3 bucket which hosts our static site. We will configure an Origin Access Control to allow only CloudFront to access the S3 bucket. There’s one caveat to our use case, but we can resolve that using CloudFront Functions. ...