diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index a0f6088b..409d008c 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -99,6 +99,8 @@ module "cloudfront_s3_cdn" {
   s3_access_log_bucket_name = module.s3_bucket.bucket_id
   s3_access_log_prefix      = "logs/s3_access"
 
+  origin_access_type = "origin_access_control"
+
   cloudfront_access_logging_enabled = true
   cloudfront_access_log_prefix      = "logs/cf_access"
   s3_object_ownership               = "BucketOwnerPreferred"
@@ -110,6 +112,7 @@ module "cloudfront_s3_cdn" {
     domain_name = module.s3_bucket.bucket_regional_domain_name
     origin_id   = module.s3_bucket.bucket_id
     origin_path = null
+    origin_access_control_id = null
     s3_origin_config = {
       origin_access_identity = null # will get translated to the origin_access_identity used by the origin created by this module.
     }
diff --git a/examples/complete/outputs.tf b/examples/complete/outputs.tf
index e21216f7..95df73e5 100644
--- a/examples/complete/outputs.tf
+++ b/examples/complete/outputs.tf
@@ -33,6 +33,11 @@ output "cf_identity_iam_arn" {
   description = "CloudFront Origin Access Identity IAM ARN"
 }
 
+output "cf_access_control_id" {
+  value       = module.cloudfront_s3_cdn.cf_access_control_id
+  description = "CloudFront Origin Access Control ID"
+}
+
 output "cf_origin_groups" {
   value       = module.cloudfront_s3_cdn.cf_origin_groups
   description = "List of Origin Groups in the CloudFront distribution."
diff --git a/examples/complete/s3-origins.tf b/examples/complete/s3-origins.tf
index b2d33a5f..17b9e593 100644
--- a/examples/complete/s3-origins.tf
+++ b/examples/complete/s3-origins.tf
@@ -4,6 +4,7 @@ locals {
     domain_name = null
     origin_id   = null
     origin_path = null
+    origin_access_control_id = null
     s3_origin_config = {
       origin_access_identity = ""
     }