From what I understand, you firstly had created an S3 website, with an error page. The error page is accessible at https://cl-error-docs-static-website.s3.amazonaws.com/errors_5xx/404.html
So first off, the reason you can access the above URL is due to your bucket having an open policy. If you were using the bucket website URL, it would look like this: http://cl-error-docs-static-website.s3-website-us-east-1.amazonaws.com This is because S3 website endpoints are only HTTP accessible.
Now looking at your original URL, you have used the S3 endpoint URL in your CloudFront Origin configuration. I would advise you to do the following:
- Remove the open bucket policy.
- Block all public access
- Disable the S3 website on the bucket.
- Edit your CloudFront Origin for your S3 bucket
- S3 bucket access = Yes use OAI (bucket can restrict access to only CloudFront)
- If you do not have an Origin Access Identity, create one and then select it.
- Bucket policy = Yes, update the bucket policy
- Save your changes.
This method will make your bucket private, as well as create an identity to allow access to your bucket only from CloudFront. Also make sure to add an error page 403, as S3 will return an error 403 access denied when you try to access an object that does not exist. https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-access-to-amazon-s3/ https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
One last note, if your bucket needs to be publicly accessible, then use the S3 website URL as your origin, and make your origin a custom origin instead.
Let me know if this helps.
Help getting custom error pages from S3 into Cloudfront DistributionAccepted Answerasked 25 days ago
Lightsail Distribution produces an errorasked a year ago
Getting Amazon S3 object tags through CloudFront distribution URLAccepted Answerasked 2 years ago
Cognito, Custom Domain and CloudfrontAccepted Answerasked 2 years ago
CloudFront Distribution not serving S3 Bucket pages unless /index.html included in URLasked 6 months ago
Getting strange error after attach Cloudfront to S3 website.asked 3 years ago
Price of disabled Amazon CloudFront Distribution with Dedicated IP Custom SSLAccepted Answerasked 3 years ago
CLOUDFRONT Failing to add Custom Originasked 4 months ago
Error adding alternate domain to CloudFront distributionasked 4 months ago
SES config set with custom domain getting http error 400asked a month ago