I am using CloudFront in combination with a S3-bucket.
When I access my CloudFront-domain (d4...cloudfront.net) directly, everything works fine and I can see my website + SSL-certificate.
But when I access my website-url, I get an 403 Forbidden-message (An Error Occurred While Attempting to Retrieve a Custom Error Document).
What I tried so far:
- When I created the CloudFront-distribution, I selected "Origin Access Identity: Create a new Identity" and "Update Bucket Policy"
- I added a Custom Error Page, which returns StatusCode 200 and /index.html as the respone page
My S3 bucket is not public, because I only want my CloudFront to access the S3-Bucket with this policy:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "2",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin
Access Identity ..."
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::www.../*"
}
]
}