Example showing what you need to make S3OriginConfig work:
DistributionConfig:
Enabled: true
Origins:
-
Id: "WebsiteDistribution"
DomainName: !Ref WebsiteBucket
S3OriginConfig:
OriginAccessIdentity: !Sub 'origin-access-identity/cloudfront/${OriginAccessIdentity}'
OriginAccessIdentity:
Type: 'AWS::CloudFront::CloudFrontOriginAccessIdentity'
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: 'Access S3 bucket content only through CloudFront'