Provide additional control over access to content in CloudFront.
Allow restricting access to individual files or multiple restricted files without changing existing URLs.
Signed URLs (For individual files)
Include additional information such as expiration date and time, controlled via policy statements (canned or custom).
Suitable for restricting access to individual files, like installation downloads.
Useful when users are using clients that don’t support cookies.
Signed Cookies (For multiple files)
Allow controlling access to multiple restricted files without altering existing URLs.
Ideal for scenarios like providing access to all files for a video in HLS format or subscriber areas of a website.
Application authenticates user and sends three Set-Cookie headers to the viewer, which stores them and includes them in subsequent requests in a Cookie header.
Use Cases
Signed URLs:
Restrict access to individual files, e.g., installation downloads.
Suitable for clients that don’t support cookies.
Signed Cookies:
Provide access to multiple restricted files, e.g., video files or subscriber areas of a website.