AWS re:Post을(를) 사용하면 다음에 동의하게 됩니다. AWS re:Post 이용 약관
AWS re:Postre:Post

Why will cloudfront only open my www. website which is my subdomain and not my domain name? Eg example.com

0

I am developing a static website and I have 2 s3 buckets, 1 domain and the other a subdomain which were created through route 53. It's all up and running , however if I put in www.example.com in the website comes up but I get a 403 error when I do the same for example.com.

Also why can't cloudfront see the images? I get access denied

These aren't my domain names I have my own Thanks

주제
스토리지네트워킹 및 콘텐츠 전송
태그
아마존 심플 스토리지 서비스아마존 CloudFront아마존 루트 53
언어
English
Sarah
질문됨 5달 전308회 조회
4개 답변
0

Hi Gary, Sorry newbie here. What isn't required? I Currently have my origin domain pointing to example.com with redirect to https, and i've updated the root domain bucket policy but I still get a 403

Sarah
답변함 5달 전
  • Gary Mclean 전문가
    5달 전

    Hey Sarah, Can you share bucket policy omitting/masking any sensitive information. Also ssl config on your CF distro

  • Gary Mclean 전문가
    4달 전

    Public access to S3 isnt required if your using OAC..

0

Hey Gary, I found a website in which you could turn off block all access as it was going through cloudfront as I don't want people gaining access to my bucket objects, mainly the pictures.

So I have re-enabled block public access, added both domain names into the alternative domain name. However adding both into the domain name now stops the www.website from working. I get 403 ERROR The request could not be satisfied for both, but they do have https in front of them, so I know that bit is working.

Both my DNS records point to the cloudfront distribution and my root object to set to index.html.

I do have a WAF in front, do you think that could be causing an issue?

Sarah
답변함 4달 전
0

Hi Gary, so this is my bucket policy currently on my domain bucket. It doesn't have static website hosting enabled either, so only objects can be public Block public access set to OFF. { "Version": "2008-10-17", "Id": "PolicyForCloudFrontPrivateContent", "Statement": [ { "Sid": "AllowCloudFrontServicePrincipal", "Effect": "Allow", "Principal": { "Service": "cloudfront.amazonaws.com" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::domain bucket/*", "Condition": { "StringEquals": { "AWS:SourceArn": "arn:aws:cloudfront::"

My cf origin name is my s3 bucket website endpoint, origin name is set to my domain name with HTTPS only set. Behavior screen my origin is set to the bucket website endpoint, protocol set to redirect to HTTPS

Sarah
답변함 4달 전
0

Hey Sarah,

There seems to be some miss configuration here.

Block public access is off but you have no policy allowing public access and static website hosting is not enabled. So you can re-enable block public access as the policy on your bucket is OAC for cloudfront.

Have you added both domain names to the alternative domain name configuration to your cloudfront configuration?

Do your dns records point to the cloudfront distribution as aliases?

Do you have a root object configuration in your cloudfront configuration?

profile picture
전문가
Gary Mclean
답변함 4달 전

로그인하지 않았습니다. 로그인해야 답변을 게시할 수 있습니다.

좋은 답변은 질문에 명확하게 답하고 건설적인 피드백을 제공하며 질문자의 전문적인 성장을 장려합니다.

질문 답변하기에 대한 가이드라인

관련 콘텐츠