AwsSolutions-CFR7 nag for `@cloudcomponents/cdk-static-website:2.2.0`

[SerVB]

Probably something is updated in aws-cdk-lib/cdk-nag, but I now have the following error for the static website:

[Error at /Stack/StaticWebsite/Distribution/Resource] AwsSolutions-CFR7: The CloudFront distribution does not use an origin access control with an S3 origin. Origin access controls help with security by restricting any direct access to objects through S3 URLs

Ended up suppressing it.

@cloudcomponents/cdk-static-website should probably start to support OAC, not only OAI. References:

• cdk-constructs/packages/cdk-static-website/src/website-bucket.ts

  Line 67 in 0f43bf0

  const originAccessIdentity = new OriginAccessIdentity(this, 'OriginAccessIdentity', {

• https://aws.amazon.com/blogs/networking-and-content-delivery/amazon-cloudfront-introduces-origin-access-control-oac/
• https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#migrate-from-oai-to-oac