I am trying to get my S3 content to display via Cloudfront. Unfortunately all that I see is a message stating that I do not have permission to access my files stored in S3. I have followed a few tutorials and really don't understand why it's not working.
Here is what I did:
Origin Domain Name: my_aws_bucket
Origin Path: /uploads # This is the folder where my images are stored
I have told Cloudfront to restrict bucket access to my created identity, and to set up a new policy on my bucket:
{
"Version": "2008-10-17",
"Id": "PolicyForCloudFrontPrivateContent",
"Statement": [
{
"Sid": "1",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity **********"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my_aws_bucket/*"
}
]
}
I cleared all other policie including IAM user policies (Just to be extra sure that nothing is blocking my newly created policy)
When I refresh my page, I however still only see image text. If I click on the image link in my page source I am presented with the following:
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>71C324761B2B3661</RequestId>
<HostId>
PUojsKhDRMcV1G2AItu8sBve5FdzJoq/ieecIrWVjFE5SpC2prxjz4PuI+nJLAHIgXcowtZY1M8=
</HostId>
</Error>
I have confirmed that the masked out values above matches that of my Identity.
I am pulling my hair out. As there is no reason that I can find why this shouldn't work and it's kept me busy for a few days now.
Aucun commentaire:
Enregistrer un commentaire