1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
You haven't mentioned whether you're trying to use Origin Access Control (OAC), or Origin Access Identity (OAI - legacy).
However, the policy that you've provided looks almost correct for OAC, except for the Condition key which should look like this (no trailing slash):
AWS:SourceArn": "arn:aws:cloudfront::<AWS account ID>:distribution/<CloudFront distribution ID>"
Please take a look at the documentation for more information, particularly the section on SSE-KMS, if you're using that on your bucket
Note also that in the Cloudfront Origin settings, there's an option to copy a pre-populated policy statement that you can insert into your S3 bucket policy.
Contenus pertinents
- demandé il y a un an
- demandé il y a 3 mois
- demandé il y a 2 mois
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 9 mois
- AWS OFFICIELA mis à jour il y a 9 mois
- AWS OFFICIELA mis à jour il y a 2 ans