In order to make my website secure (when I visit my website, it says "unsecure" in the top left corner), I did the following.
Step 4 doesn't work with the following error
Unknown Error
An unexpected error occurred.
API response
Invalid principal in policy
My bucket policy looked like this.
{
"Version": "2012-10-17",
"Id": "PolicyForCloudFrontPrivateContent",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E3BVR0DQ0EMFFZ"
},
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::songms.com/*"
}
]
}
When I go to my website I get
403 ERROR
The request could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
Request ID: vmlx8bao1D8k0myKHiGBSBCnCZDcZIUBiwNS1kIMEF_99Y_Gs0ZWQQ==
What did I do wrong?
I have toyed with this for several hours without any progress. All I want is to make my website "secure" and I heard that to do so I need to use cloudfront and ACM.. Please, I really appreciate your help.
You should post your config here so people can better understand where you are missing. However, I think you haven't attached the OAI to Origin With the error of not being able to change your s3 policy, I think your user does not have the permission to do that. You can edit s3 policy yourself instead of letting cloudfront do it. If that doesn't work, ask someone else with higher permission.