Lambda@Edge
We can use Lambda@Edge to override the behaviour of request and responses
Protection
By Default a Distribution allows everyone to have access.
Original Identity Access(OAI) :
A virtual user identity that will be used to give your CloudFront Distribution permission to fetch a private object
when Restrict viewer Access set to Yes, viewer must use Signed URLs or Signed cookies to access content