AWS v7.11.0 published on Wednesday, Nov 5, 2025 by Pulumi
aws.cloudfront.getOriginAccessIdentity
Start a Neo task
Explain and create an aws.cloudfront.getOriginAccessIdentity resource
Use this data source to retrieve information for an Amazon CloudFront origin access identity.
Example Usage
The following example below creates a CloudFront origin access identity.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = aws.cloudfront.getOriginAccessIdentity({
id: "E1ZAKK699EOLAL",
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.get_origin_access_identity(id="E1ZAKK699EOLAL")
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.LookupOriginAccessIdentity(ctx, &cloudfront.LookupOriginAccessIdentityArgs{
Id: "E1ZAKK699EOLAL",
}, nil)
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = Aws.CloudFront.GetOriginAccessIdentity.Invoke(new()
{
Id = "E1ZAKK699EOLAL",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.CloudfrontFunctions;
import com.pulumi.aws.cloudfront.inputs.GetOriginAccessIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var example = CloudfrontFunctions.getOriginAccessIdentity(GetOriginAccessIdentityArgs.builder()
.id("E1ZAKK699EOLAL")
.build());
}
}
variables:
example:
fn::invoke:
function: aws:cloudfront:getOriginAccessIdentity
arguments:
id: E1ZAKK699EOLAL
Using getOriginAccessIdentity
Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.
function getOriginAccessIdentity(args: GetOriginAccessIdentityArgs, opts?: InvokeOptions): Promise<GetOriginAccessIdentityResult>
function getOriginAccessIdentityOutput(args: GetOriginAccessIdentityOutputArgs, opts?: InvokeOptions): Output<GetOriginAccessIdentityResult>def get_origin_access_identity(id: Optional[str] = None,
opts: Optional[InvokeOptions] = None) -> GetOriginAccessIdentityResult
def get_origin_access_identity_output(id: Optional[pulumi.Input[str]] = None,
opts: Optional[InvokeOptions] = None) -> Output[GetOriginAccessIdentityResult]func LookupOriginAccessIdentity(ctx *Context, args *LookupOriginAccessIdentityArgs, opts ...InvokeOption) (*LookupOriginAccessIdentityResult, error)
func LookupOriginAccessIdentityOutput(ctx *Context, args *LookupOriginAccessIdentityOutputArgs, opts ...InvokeOption) LookupOriginAccessIdentityResultOutput> Note: This function is named LookupOriginAccessIdentity in the Go SDK.
public static class GetOriginAccessIdentity
{
public static Task<GetOriginAccessIdentityResult> InvokeAsync(GetOriginAccessIdentityArgs args, InvokeOptions? opts = null)
public static Output<GetOriginAccessIdentityResult> Invoke(GetOriginAccessIdentityInvokeArgs args, InvokeOptions? opts = null)
}public static CompletableFuture<GetOriginAccessIdentityResult> getOriginAccessIdentity(GetOriginAccessIdentityArgs args, InvokeOptions options)
public static Output<GetOriginAccessIdentityResult> getOriginAccessIdentity(GetOriginAccessIdentityArgs args, InvokeOptions options)
fn::invoke:
function: aws:cloudfront/getOriginAccessIdentity:getOriginAccessIdentity
arguments:
# arguments dictionaryThe following arguments are supported:
- Id string
- The identifier for the origin access identity. For example:
E1ZAKK699EOLAL.
- Id string
- The identifier for the origin access identity. For example:
E1ZAKK699EOLAL.
- id String
- The identifier for the origin access identity. For example:
E1ZAKK699EOLAL.
- id string
- The identifier for the origin access identity. For example:
E1ZAKK699EOLAL.
- id str
- The identifier for the origin access identity. For example:
E1ZAKK699EOLAL.
- id String
- The identifier for the origin access identity. For example:
E1ZAKK699EOLAL.
getOriginAccessIdentity Result
The following output properties are available:
- Arn string
- The origin access identity ARN.
- Caller
Reference string - Internal value used by CloudFront to allow future updates to the origin access identity.
- Cloudfront
Access stringIdentity Path - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
- Comment string
- An optional comment for the origin access identity.
- Etag string
- Current version of the origin access identity's information.
For example:
E2QWRUHAPOMQZL. - Iam
Arn string - Pre-generated ARN for use in S3 bucket policies (see below).
Example:
arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2QWRUHAPOMQZL. - Id string
- S3Canonical
User stringId - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
- Arn string
- The origin access identity ARN.
- Caller
Reference string - Internal value used by CloudFront to allow future updates to the origin access identity.
- Cloudfront
Access stringIdentity Path - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
- Comment string
- An optional comment for the origin access identity.
- Etag string
- Current version of the origin access identity's information.
For example:
E2QWRUHAPOMQZL. - Iam
Arn string - Pre-generated ARN for use in S3 bucket policies (see below).
Example:
arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2QWRUHAPOMQZL. - Id string
- S3Canonical
User stringId - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
- arn String
- The origin access identity ARN.
- caller
Reference String - Internal value used by CloudFront to allow future updates to the origin access identity.
- cloudfront
Access StringIdentity Path - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
- comment String
- An optional comment for the origin access identity.
- etag String
- Current version of the origin access identity's information.
For example:
E2QWRUHAPOMQZL. - iam
Arn String - Pre-generated ARN for use in S3 bucket policies (see below).
Example:
arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2QWRUHAPOMQZL. - id String
- s3Canonical
User StringId - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
- arn string
- The origin access identity ARN.
- caller
Reference string - Internal value used by CloudFront to allow future updates to the origin access identity.
- cloudfront
Access stringIdentity Path - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
- comment string
- An optional comment for the origin access identity.
- etag string
- Current version of the origin access identity's information.
For example:
E2QWRUHAPOMQZL. - iam
Arn string - Pre-generated ARN for use in S3 bucket policies (see below).
Example:
arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2QWRUHAPOMQZL. - id string
- s3Canonical
User stringId - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
- arn str
- The origin access identity ARN.
- caller_
reference str - Internal value used by CloudFront to allow future updates to the origin access identity.
- cloudfront_
access_ stridentity_ path - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
- comment str
- An optional comment for the origin access identity.
- etag str
- Current version of the origin access identity's information.
For example:
E2QWRUHAPOMQZL. - iam_
arn str - Pre-generated ARN for use in S3 bucket policies (see below).
Example:
arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2QWRUHAPOMQZL. - id str
- s3_
canonical_ struser_ id - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
- arn String
- The origin access identity ARN.
- caller
Reference String - Internal value used by CloudFront to allow future updates to the origin access identity.
- cloudfront
Access StringIdentity Path - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
- comment String
- An optional comment for the origin access identity.
- etag String
- Current version of the origin access identity's information.
For example:
E2QWRUHAPOMQZL. - iam
Arn String - Pre-generated ARN for use in S3 bucket policies (see below).
Example:
arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2QWRUHAPOMQZL. - id String
- s3Canonical
User StringId - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
