Skip to main content

Creating a Read-Only CloudFront Role in AWS

You can add your CloudFront CDN in a Read-Only mode to IO River and to use it for importing your configuraion. In order to add CloudFront as one of your CDN providers, you need to have an AWS role which can be used with IO River.

As part of creating a role, you need to generate UUID to be used as an External Id. You can easily create this role using one of the following methods:

  • Using CloudFormation - Use this quick-create link to create the read-only role.
  • Using Terraform - Use this code to create the read-only role.

Once you have created the role, you should obtain:

  1. RoleArn - Id of the role created
  2. External-Id - The UUID you generated and used to create the role with.

At this point, read-only roles can only be added to the account by the IO River team. Please contact the IO River team and provide them with the RoleArn and External-Id.