- Newest
- Most votes
- Most comments
The error that I get is Access Denied. Can you share what is the origin that is setup behind CloudFront? Also, which cache and origin request policies are you using? This error can often occur if origin is expecting one thing (like a certain host header), but CloudFront is forwarding something different.
If you can provide some additional details, we can probably figure it out.
Hi Martin,
I think I see the issue. When I check your new distribution domain (d2yyy4m4xxvebl.cloudfront.net) I get a 403 Access Denied error, just like before, however when I manually add index.html it works. Here are my tests.
Failed Test:
curl -I https://d2yyy4m4xxvebl.cloudfront.net
HTTP/2 403
content-type: application/xml
x-amz-bucket-region: eu-west-2
date: Fri, 01 Jul 2022 15:22:13 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 6cc41d94d86a801771f93bf4b08d0b94.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: BV5gkqsGzGcq_dTuXjKxck2iEk_MTNnCqsQVGns48eJ5jfCu9KMSLA==
Successful Test:
curl -I https://d2yyy4m4xxvebl.cloudfront.net/index.html
HTTP/2 200
content-type: text/html
content-length: 23805
date: Fri, 01 Jul 2022 15:22:46 GMT
last-modified: Mon, 27 Jun 2022 16:18:03 GMT
etag: "bb8b96994e863cf732a20e6e7f22245c"
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 ea71b96212c28d5f0611046b8d2932f6.cloudfront.net (CloudFront)
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: Kmwpw5LoVwV3fxEwML9h5KmjsAmmJ8GzOmZD2roUuOAFv6V6mz8j7Q==
I think the fix is to make sure you are setting a default root object on your distribution, specifically you want to add index.html. You can reference the documentation here for more information.
Thanks JeremyAWS for your help again. I have now made that tweak which I had missed. My only other observation is that when I type the following into my browser http://knowyoursubject.com I am still getting the red padlock saying unsecure connection when I have set up an SSL cert.
Hi JeremyAWS I had deleted it and started again.
Distribution Domain Name is d2yyy4m4xxvebl.cloudfront.net Origin Name is knowyoursubject.com.s3.eu-west-2.amazonaws.com Origin Domain is knowyoursubject.com.s3.eu-west-2.amazonaws.com
Cache policy name is Managed-CachingOptimized
Alternate Domain Names: www.knowyoursubject.com, knowyoursubject.com
ARN: arn:aws:cloudfront::894520577280:distribution/E2EXYUKTCT8UHD
SSL Cert: 9031dcc5-27fa-463a-8ad0-f2a44af56759
Relevant content
- asked 10 months ago
- asked 10 months ago
AWS OFFICIALUpdated 2 months ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a year ago
Hi JeremyAWS The origin name is knowyoursubject.com.s3.eu-west-2.amazonaws.com Origin domain is knowyoursubject.com.s3.eu-west-2.amazonaws.com Origin access identity is origin-access-identity/cloudfront/E3ACSZ9UVFDL0C
Cache policy name is Managed-CachingOptimized Origin request policy is blank Response headers policy name is blank
Thanks Martin
Martin, Thank you for the additional details.
I am trying to hit the CloudFront domain name that you shared in your original post, but it is no longer resolving for me.