Can I set aws S3 policy for cloudflare?

Question

I have a S3 Bucket names "cdn.myexmaple.com"

and I set Cloudflare point my site "myexample.com" DNS

CNAME cdn cdn.myexample.com.s3.amazonaws.com

how can I set my bucket policy allow Cloudflare can get bucket object?

There is a way to set S3 Bucket allow http refer like:

{
  "Version":"2012-10-17",
  "Id":"http referer policy example",
  "Statement":[
    {
      "Sid":"Allow get requests originated from www.example.com and example.com",
      "Effect":"Allow",
      "Principal":"*",
      "Action":"s3:GetObject",
      "Resource":"arn:aws:s3:::cdn.myexample.com/*",
      "Condition":{
        "StringLike":{
          "aws:Referer":[
            "http://cdn.myexample.com/*",
            "http://www.myexample.com/*"
          ]
        }
      }
    }
  ]
}

Can I set a police that allow CLoudFlare to access object?

Answer 1

We have tips for S3 and CloudFlare already.

Everything should work fine as long as we are proxying the record in your DNS settings.