- Newest
- Most votes
- Most comments
You don't say which region you are using and sometimes that can make a difference in this case.
If you create a S3 bucket and an associated CloudFront distribution; then update the S3 bucket policy it can take some time for the change to be applied within S3. The exception here is in the us-east-1 region - that will generally work immediately. For other regions you may find it will take a few minutes (sometimes an hour or so) for things to work properly.
You can tell when this is the case: If you use your browser to visit the CloudFront distribution and get the 403 error, look closely at the URL. If it is a S3 URL then you're in that synchronisation period. Have patience and it will resolve itself.
Can you make sure if the bucket policy is allowing Cloudfront Origin Access Control or Origin Access identity as described in this re:Post Knowledge Center Article. You can probably compare with the one which is working fine.
I'd suggest you to go through How do I troubleshoot 403 errors from CloudFront?, this would certainly help you to get to the root cause.
Comment here about how your troubleshooting goes, happy to assist further.
Abhishek
Relevant content
- Accepted Answerasked 2 years ago
AWS OFFICIALUpdated a year ago- AWS OFFICIALUpdated 8 months ago
- AWS OFFICIALUpdated a year ago
