Menu
Amazon CloudFront
API Reference (API Version 2016-09-07)

POST Origin Access Identity

Description

This action creates a new CloudFront origin access identity. If you're using Amazon S3 for your origin, you can use an origin access identity to require users to access your content using a CloudFront URL instead of the Amazon S3 URL. For more information about how to use origin access identities, go to Serving Private Content through CloudFront in the Amazon CloudFront Developer Guide.

Note

You can create up to 100 origin access identities per AWS account.

To create a new CloudFront origin access identity, you do a POST on the 2016-09-07/origin-access-identity/cloudfront resource. The request body must include an XML document with a CloudFrontOriginAccessIdentityConfig element. The response echoes the CloudFrontOriginAccessIdentityConfig element and returns other metadata about the origin access identity.

Requests

Syntax

POST /2016-09-07/origin-access-identity/cloudfront HTTP/1.1
Host: cloudfront.amazonaws.com
Authorization: AWS authentication string
Date: time stamp
Other required headers

<?xml version="1.0" encoding="UTF-8"?>
<CloudFrontOriginAccessIdentityConfig xmlns="http://cloudfront.amazonaws.com/doc/2016-09-07/">
   <CallerReference>ref</CallerReference>
   <Comment>The comment.</Comment>
</CloudFrontOriginAccessIdentityConfig>

Headers

The request must include the headers required in all CloudFront requests. For more information, see Common REST Headers.

Elements

Name Description Required

CloudFrontOriginAccessIdentityConfig

The origin access identity's configuration information. For more information, see CloudFrontOriginAccessIdentityConfig Complex Type.

Type: CloudFrontOriginAccessIdentityConfig complex type

Default: None

Yes

Responses

Syntax

201 Created
Location: URI of new origin access identity
x-amz-request-id: Request ID

<?xml version="1.0" encoding="UTF-8"?>
<CloudFrontOriginAccessIdentity xmlns="http://cloudfront.amazonaws.com/doc/2016-09-07/">
   <Id>E74FTE3AEXAMPLE</Id>
   <S3CanonicalUserId>cd13868f797c227fbea2830611a26fe0a21ba1b826ab4bed9b7771c9aEXAMPLE</S3CanonicalUserId>
   <CloudFrontOriginAccessIdentityConfig>
      <CallerReference/>   
      <Comment/>
   </CloudFrontOriginAccessIdentityConfig>
</CloudFrontOriginAccessIdentity>

Headers

NameDescription

Location

The fully qualified URI of the new origin access identity just created, for example: https://cloudfront.amazonaws.com/2016-09-07/origin-access-identity/cloudfront/E74FTE3AEXAMPLE

Type: String

Elements

NameDescription

CloudFrontOriginAccessIdentity

The origin access identity's information. For more information, see CloudFrontOriginAccessIdentity Complex Type.

Type: CloudFrontOriginAccessIdentity datatype

Special Errors

The following table lists the special errors returned in addition to the common errors that all actions return. For more information, see Errors.

ErrorDescriptionHTTP Status Code

CloudFrontOriginAccessIdentityAlreadyExists

The caller reference you attempted to create the origin access identity with is associated with another identity.

409

MissingBody

This operation requires a body. Ensure that the body is present and the Content-Type header is set.

400

TooManyCloudFrontOriginAccessIdentities

Processing your request would cause you to exceed the maximum number of CloudFront origin access identities allowed.

400

Examples

The following example request creates a new CloudFront origin access identity.

Sample Request

POST /2016-09-07/origin-access-identity/cloudfront HTTP/1.1
Host: cloudfront.amazonaws.com
Authorization: AWS authentication string
Date: Thu, 17 May 2012 19:37:58 GMT
Other required headers

<?xml version="1.0" encoding="UTF-8"?>
<CloudFrontOriginAccessIdentityConfig xmlns="http://cloudfront.amazonaws.com/doc/2016-09-07/">  
   <CallerReference>20120229090000</CallerReference>
   <Comment>My comments</Comment>
</CloudFrontOriginAccessIdentityConfig>

Sample Response

201 Created
Location: https://cloudfront.amazonaws.com/2016-09-07/origin-access-identity/cloudfront/E74FTE3AEXAMPLE
x-amz-request-id: request_id

<?xml version="1.0" encoding="UTF-8"?>
<CloudFrontOriginAccessIdentity xmlns="http://cloudfront.amazonaws.com/doc/2016-09-07/">
    <Id>E74FTE3AEXAMPLE</Id>
    <S3CanonicalUserId>
       cd13868f797c227fbea2830611a26fe0a21ba1b826ab4bed9b7771c9aEXAMPLE
    </S3CanonicalUserId>
    <CloudFrontOriginAccessIdentityConfig>
      <CallerReference>20120229090000</CallerReference>
      <Comment>My comments</Comment>
   </CloudFrontOriginAccessIdentityConfig>
</CloudFrontOriginAccessIdentity>