Allow only certain hostnames access to R2 Buckets

Hi,

I have an R2 bucket which has a subdomain tied to it. I want to prevent public direct access to its objects.
I saw that with Zero trust we can enable certain IP addresses to have access or common name.

If cant use IP addresses because they may change based on the user of the app. If I use a common name, I believe it should work but its not. Help.

Or if there are other ways I could allow only access from my domain.

Hi @joelngozo,

How about WAF tokens?

Thank you.