S3 + Cloudfrontのアクセス制御にはOrigin Access Control (OAC)を利用するように変更 #103
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
issueURL
#100
Doneの定義
#100 の完了条件が満たされていること
変更点概要
S3 + Cloudfrontのアクセス制御にOrigin Access Identity (OAI)からOrigin Access Control (OAC)を利用するように変更。
移行の手順は、公式のドキュメントを参考にした。
Migrating from origin access identity (OAI) to origin access control (OAC)
具体的な手順は下記の通り
terraform apply
を実行しようとするとS3バケットポリシーも差分が発生したので、ターゲットにCloudFrontを指定してterraform apply
を実行S3 + Cloudfront で配信している画像が表示されていることを確認。