Configure your property to sign requests with an access key

The final step in getting started with Cloud Access Manager is to configure your property to point to the access key that you want to use to sign your requests. To do that, you can add or modify the Origin Characteristics behavior and select the access keys that you previously created in Cloud Access Manager.

Before you begin

  • Make sure that you configured the Origin Server behavior to serve content from a cloud-based origin. See Origin Server in Property Manager.
  • Make sure you’re familiar with best practices for cloud origin providers. See Best practices.

How to

  1. Access Property Manager configurations associated with the selected Control Center account. Go to > CDN > Properties (or just enter Properties in the search box).
    The Property Groups page opens.
  2. Click the Property Name link for your property.
  3. On the Property Details page, click the Version of your configuration that you want to access in Manage Versions and Activations.
    The Property Manager Editor appears.
  4. If your property is already active, click Edit New Version to introduce your changes.
  5. If you haven't configured the Origin Characteristics yet, select or create the rule where you want to enable this behavior:
    • To authenticate requests to all hostnames in the property, add the behavior in the Default Rule.
    • To authenticate requests to specific hostnames in the property or requests matching specific criteria, add the behavior in a custom rule. See Working with rules and matches in Property Manager.
  6. Configure or edit the Origin Characteristic behavior:
    1. In Origin Location, select the geographical location of your origin server to optimize access to it.
      If you aren't sure about your server location, you can leave it as Unknown. See Origin Characteristics in Property Manager.
    2. In Authentication Method, select the third-party cloud provider that you use as your origin, either Amazon Web Services or Interoperability Google Cloud Storage.
  7. Switch Encrypted Storage to yes.
    This lets you refer to access keys your created and securely store in Cloud Access Manager. If you disable this option, the Origin Characteristics behavior stores the authentication details unencrypted.
  8. In Access Key, select the access key that you want to use to sign requests to a cloud origin.
    This field lists only active access keys that you created in Cloud Access Manager and that match your property's authentication method selected in the Origin Characteristics behavior.
  9. Amazon Web Services only: In Region, enter the code of the AWS region that houses your AWS service.
  10. Amazon Web Services only: In Service Endpoint, enter the code of your AWS service.
    This is the segment or its part that precedes amazonaws.com or a region code in your the AWS service endpoint. For example, s3 is the service code for this service endpoint: https:// account-id.s3-control.eu-north-1.amazonaws.com. See AWS Service Endpoints and Service Endpoints and Quotas.

Next steps

You can activate your property on the staging network to test if you configuration works properly. When you’re happy with the results, you can activate it on the production network.