nextstrain / infra

Nextstrain shared infrastructure

Fix CloudFront permissions policy #13

Closed tsibley closed 5 months ago

tsibley commented 5 months ago

The cloudfront:ListDistributions action doesn't allow limiting by distribution: it only supports all or nothing. I misread the table of resource keys supported by actions. orz

The actions that do support limiting by distribution require an explicit account id in the ARN. It can't be blank like S3; it must be an actual account id or a wildcard.

¹ https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudfront.html#amazoncloudfront-ListDistributions

Related-to: https://github.com/nextstrain/infra/pull/12
Related-to: https://github.com/nextstrain/zika/pull/59#issuecomment-2145973141

tsibley commented 5 months ago

tested by https://github.com/nextstrain/zika/actions/runs/9355960117/attempts/4
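
Added example, not part of this pull request or of the nextstrain/infra code: a Python lint that flags the two IAM policy mistakes the PR description names, namely `cloudfront:ListDistributions` paired with anything other than `Resource: "*"`, and a CloudFront ARN with a blank account id. The sample policy, the function names, the finding codes and the use of `cloudfront:CreateInvalidation` as a distribution-scoped action are assumptions made for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed sample policy; the distribution id is a placeholder.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17",
 "Statement": [
  {"Effect": "Allow",
   "Action": ["cloudfront:ListDistributions", "cloudfront:CreateInvalidation"],
   "Resource": "arn:aws:cloudfront::*:distribution/EXAMPLEDISTID"},
  {"Effect": "Allow",
   "Action": "cloudfront:CreateInvalidation",
   "Resource": "arn:aws:cloudfront:::distribution/EXAMPLEDISTID"},
  {"Effect": "Allow",
   "Action": "cloudfront:ListDistributions",
   "Resource": "*"}]}
""")

# Actions with no resource-level support; the PR names ListDistributions.
ALL_OR_NOTHING = ["cloudfront:ListDistributions"]


def as_list(value):
    """Action, Resource and Statement may each be a single item or a list."""
    return list(value) if isinstance(value, list) else [value]


def lint_cloudfront(policy):
    """Return (statement index, code, offending value) for both mistakes."""
    findings = []
    for i, stmt in enumerate(as_list(policy["Statement"])):
        actions = as_list(stmt.get("Action", []))
        resources = as_list(stmt.get("Resource", []))
        # 1. An all-or-nothing action only matches when Resource is "*".
        for name in ALL_OR_NOTHING:
            granted = any(fnmatchcase(name.lower(), a.lower()) for a in actions)
            if granted and "*" not in resources:
                findings.append((i, "needs-star-resource", name))
        # 2. CloudFront ARNs need an account id (or "*") in the fifth field.
        for res in resources:
            parts = res.split(":", 5)
            if len(parts) == 6 and parts[2] == "cloudfront" and parts[4] == "":
                findings.append((i, "blank-account-id", res))
    return findings


if __name__ == "__main__":
    for finding in lint_cloudfront(SAMPLE_POLICY):
        print(finding)
```

Wildcard action patterns such as `cloudfront:List*` are matched against the all-or-nothing list, so a statement that grants ListDistributions through a pattern is flagged as well.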