{"slug":"iam-aws-cloudfront","cloud":"aws","service":"cloudfront","title":"AWS CloudFront (IAM)","description":"Amazon CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency.","category":"networking","common_permissions":["cloudfront:ListFunctions","cloudfront:GetFunction","cloudfront:DescribeFunction","cloudfront:ListKeyGroups","cloudfront:GetKeyGroup","cloudfront:ListPublicKeys","cloudfront:GetPublicKey","cloudfront:TagResource"],"least_privilege_example":"{\n  \"Version\": \"2012-10-17\",\n  \"Statement\": [\n    {\n      \"Effect\": \"Allow\",\n      \"Action\": [\n        \"cloudfront:ListFunctions\",\n        \"cloudfront:GetFunction\",\n        \"cloudfront:DescribeFunction\",\n        \"cloudfront:ListKeyGroups\",\n        \"cloudfront:GetKeyGroup\",\n        \"cloudfront:ListPublicKeys\",\n        \"cloudfront:GetPublicKey\",\n        \"cloudfront:TagResource\"\n      ],\n      \"Resource\": \"*\"\n    }\n  ]\n}","warnings":["Avoid cloudfront:* — grants full control including distribution deletion and function modification","Avoid cloudfront:DeleteFunction unless needed — can remove edge functions impacting performance"],"docs":"https://servicereference.us-east-1.amazonaws.com/v1/cloudfront/cloudfront.json","tags":["iam","aws"],"last_verified":"2026-06-14T00:00:00.000Z","next_check":"2026-12-11T00:00:00.000Z","created_at":"2026-06-14T04:48:55.212Z","updated_at":"2026-06-14T04:48:55.212Z"}