Configure property to sign requests with access key

The final step in getting started with Cloud Access Manager is to configure your property to point to the access key that you want to use to sign your requests. To do that, you can add or modify the Origin Characteristics behavior and select the access keys that you previously created in Cloud Access Manager.

Before you begin

  • Make sure that you configured the Origin Server behavior to serve content from a cloud-based origin. See the Property Manager documentation.
  • Make sure you're familiar with best practices for cloud origin providers. See Best practices.

How to

  1. Access Property Manager configurations associated with the selected Control Center account. Go to > CDN > Properties (or just enter Properties in the search box).

    The Property Groups page opens.

  2. Click the Property Name link for your property.

  3. On the Property Details page, click the Version of your configuration that you want to access in Manage Versions and Activations.

    The Property Manager Editor appears.

  4. If your property is already active, click Edit New Version to introduce your changes.

  5. If you haven't configured the Origin Characteristics yet, select or create the rule where you want to enable this behavior:

    • To authenticate requests to all hostnames in the property, add the behavior in the Default Rule.

    • To authenticate requests to specific hostnames in the property or requests matching specific criteria, add the behavior in a custom rule. See Rules in the Property Manager documentation.

  6. Configure or edit the Origin Characteristic behavior:

    1. In Origin Location, select the geographical location of your origin server to optimize access to it. If you aren't sure about your server location, you can leave it as Unknown. See Origin Characteristics in the Property Manager documentation.

    2. In Authentication Method, select the third-party cloud provider that you use as your origin, either Amazon Web Services (AWS) or Interoperability Google Cloud Storage.

  7. Switch Encrypted Storage to yes. This lets you refer to access keys your created and securely store in Cloud Access Manager. If you disable this option, the Origin Characteristics behavior stores the authentication details unencrypted.

  8. Select the access key that you want to use to sign requests to a cloud origin. This field lists only active access keys that you created in Cloud Access Manager and that match your property's authentication method selected in the Origin Characteristics behavior.

  9. AWS only: In Region, enter the code of the AWS region that houses your AWS service.

  10. AWS only: In Service Endpoint, enter the code of your AWS service. This is the segment or its part that precedes amazonaws.com or a region code in your the AWS service endpoint. For example, s3 is the service code for this service endpoint: https:// account-id.s3-control.eu-north-1.amazonaws.com. See AWS Service Endpoints and Service Endpoints and Quotas.

Next steps

Activate your property on the staging network to test if your configuration works properly. When you're happy with the results, you can activate your property on the production network.


Did this page help you?