Enable Public Access to Private Bucket via CDN

Conversant CDN supports accelerating private objects through Conversant OSS or other AWS S3-compatible object storage services.

By configuring access credentials (AK/SK) in the CDN service, requests to private objects can be authenticated on behalf of users. When users access private objects through the public CDN URL without authentication, the CDN signs the requests using the preconfigured credentials, retrieves the objects from the origin, and delivers them as publicly accessible content.

Steps:

1. Go to Buckets in Conversant OSS, click Create Bucket, and enter a bucket name (e.g., demo_private_bucket).
2. Go to Credentials in Conversant OSS, click Create Credentials, assign Read permissions, and record the generated AccessKey (AK) and SecretKey (SK).
3. Go to Domains in Conversant CDN, click Create Domain, configure the Origin URL to https://{oss_endpoint}/{bucket_name} (for example, https://12345.oss.swiftserve.com/demo_private_bucket), and click Save.
4. Go to Origin Control in Conversant CDN, click Edit, and enable **Config S3 Credential **under Origin Advanced Settings. And enter the AK/SK:
   • For Conversant OSS, configure the Region to default.
   • For Amazon S3, configure the Region to the corresponding AWS region. And click Save.

Once the configuration completes, the private objects can be accessed publicly through the CDN URL, for example:

https://oss-origin.example.com/demo_private_bucket/demo_obj