Is it possible to create a policy with multiple statements when using a CloudFront custom policy for signed cookies (not signed URLs)?
I have read the documentation, and although all the examples just have one statement, I cannot see an explicit rule regarding the number of statements allowed.
If it's not possible to have multiple policy statements, it will be difficult to give a particular user signed-cookie access to say, five random files using only the CloudFront security. Any tips on how to do that would be appreciated.
This question is cross-posted here: https://forums.aws.amazon.com/thread.jspa?threadID=223440&tstart=0
FYI
I have faced with the same problem, and contacted with the official AWS support team.
Hello, thanks for offering us a great service.
I am an software engineer from Japan.
Can we have multiple custom policies, like below syntax?
{
"Statement": [
{ ... },
{ ... },
{ ... },
]
}
I have searched on the web, and found ones who are trying to
do the same thing and forums/Q&A as well.
However we found no answer from AWS official support teams
nor documents saying about that.
JSON syntax is array, so it seems to work with
multiple statements but do not work.
So, if it does not work, would you add a sentence
about that on the official document?
And then, I got the answer yesterday:
I just heard back this morning.
You're correct, adding more than one statement
to a custom policy is not supported.
I'm updating the documentation now.
So, I think in few days the documentation will be updated that you can not set multiple policy statements for CF Custom Policy for Pre-Signed Cookies.