The final step in getting started with Cloud Access Manager is to configure your property to point to the access key that you want to use to sign your requests. To do that, you can add or modify the Origin Characteristics behavior and select the access keys that you previously created in Cloud Access Manager.

Before you begin

• Make sure that you configured the Origin Server behavior to serve content from a cloud-based origin. See the Property Manager documentation.
• Make sure you're familiar with best practices for cloud origin providers. See Best practices.

How to

1. Access Property Manager configurations associated with the selected Control Center account. Go to ☰ > CDN > Properties (or just enter Properties in the search box).

   The Property Groups page opens.

2. Click the Property Name link for your property.

3. On the Property Details page, click the Version of your configuration that you want to access in Manage Versions and Activations.

   The Property Manager Editor appears.

4. If your property is already active, click Edit New Version to introduce your changes.

5. If you haven't configured the Origin Characteristics yet, select or create the rule where you want to enable this behavior:

   • To authenticate requests to all hostnames in the property, add the behavior in the Default Rule.

   • To authenticate requests to specific hostnames in the property or requests matching specific criteria, add the behavior in a custom rule. See Rules in the Property Manager documentation.

6. Configure or edit the Origin Characteristic behavior. In Authentication Method, select the third-party cloud provider that you use as your origin, either Amazon Web Services or Interoperability Google Cloud Storage.

7. Switch Encrypted Storage to yes. This lets you refer to access keys you created and securely store in Cloud Access Manager. If you disable this option, the Origin Characteristics behavior stores the authentication details unencrypted.

8. Select the access key that you want to use to sign requests to a cloud origin. This field lists only active access keys that you created in Cloud Access Manager and that match your property's authentication method selected in the Origin Characteristics behavior.

9. AWS only: In Region, enter the code of the AWS region that houses your AWS service.

10. AWS only: In Endpoint Service, enter the code of your AWS service. This is the segment or its part that precedes amazonaws.com or a region code in your the AWS service endpoint. For example, s3 is the service code for this service endpoint: https:// account-id.s3-control.eu-north-1.amazonaws.com. See AWS Service Endpoints and Service Endpoints and Quotas.

11. AWS only: In Hostname (Optional), enter the hostname of your AWS service. For example, example.s3.eu-north-1.amazonaws.com. The Origin Server Hostname in the Origin Server behavior is used if a hostname is not entered.

12. In Origin Location, select the geographical location of your origin server to optimize access to it. If you aren't sure about your server location, you can leave it as N/A or Unknown. See Origin Characteristics in the Property Manager documentation.

13. Save the changes.

📘

How to check where an access key is assigned

In Cloud Access Manager, find and click the access key to see more details. The details for the key and the versions are displayed. Click the arrow next to the key version.
The properties using the key version (if there are any) are listed.

Next steps

Activate your property on the staging network to test if your configuration works properly. When you're happy with the results, you can activate your property on the production network.