You can restrict the access of contents delivered in CloudFront using origin access identity, bucket policy and IAM. We can directly implement using origin access identity but the AWS S3 bucket is used as the origin for CloudFront distribution, it either allows public access, or restricts them.
The following policies are attached to an IAM identity.
1. Click the ID of Distribution with S3 origin.
2. Choose the settings of Distribution.
3. In Origins tab, click on origin and edit.
4. For restricting the bucket access, select ‘YES’.
Also, learn more about AWS, and become a master by enrolling for Intellipaat's AWS Certification Training!
For more information, check out this AWS Tutorial.