CloudFront not pointing to website


Hi I set up my new website on AWS ( and thought I had set up CloudFront OK but the distribution domain name given by CloudFront brings up strange message.

已提問 2 年前檢視次數 314 次
3 個答案

The error that I get is Access Denied. Can you share what is the origin that is setup behind CloudFront? Also, which cache and origin request policies are you using? This error can often occur if origin is expecting one thing (like a certain host header), but CloudFront is forwarding something different.

If you can provide some additional details, we can probably figure it out.

profile pictureAWS
已回答 2 年前
  • Hi JeremyAWS The origin name is Origin domain is Origin access identity is origin-access-identity/cloudfront/E3ACSZ9UVFDL0C

    Cache policy name is Managed-CachingOptimized Origin request policy is blank Response headers policy name is blank

    Thanks Martin

  • Martin, Thank you for the additional details.

    I am trying to hit the CloudFront domain name that you shared in your original post, but it is no longer resolving for me.


Hi Martin,

I think I see the issue. When I check your new distribution domain ( I get a 403 Access Denied error, just like before, however when I manually add index.html it works. Here are my tests.

Failed Test:

curl -I
HTTP/2 403 
content-type: application/xml
x-amz-bucket-region: eu-west-2
date: Fri, 01 Jul 2022 15:22:13 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 (CloudFront)
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: BV5gkqsGzGcq_dTuXjKxck2iEk_MTNnCqsQVGns48eJ5jfCu9KMSLA==

Successful Test:

curl -I
HTTP/2 200 
content-type: text/html
content-length: 23805
date: Fri, 01 Jul 2022 15:22:46 GMT
last-modified: Mon, 27 Jun 2022 16:18:03 GMT
etag: "bb8b96994e863cf732a20e6e7f22245c"
accept-ranges: bytes
server: AmazonS3
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 (CloudFront)
x-amz-cf-pop: MIA3-C4
x-amz-cf-id: Kmwpw5LoVwV3fxEwML9h5KmjsAmmJ8GzOmZD2roUuOAFv6V6mz8j7Q==

I think the fix is to make sure you are setting a default root object on your distribution, specifically you want to add index.html. You can reference the documentation here for more information.

profile pictureAWS
已回答 2 年前
  • Thanks JeremyAWS for your help again. I have now made that tweak which I had missed. My only other observation is that when I type the following into my browser I am still getting the red padlock saying unsecure connection when I have set up an SSL cert.


Hi JeremyAWS I had deleted it and started again.

Distribution Domain Name is Origin Name is Origin Domain is

Cache policy name is Managed-CachingOptimized

Alternate Domain Names:,

ARN: arn:aws:cloudfront::894520577280:distribution/E2EXYUKTCT8UHD

SSL Cert: 9031dcc5-27fa-463a-8ad0-f2a44af56759

已回答 2 年前

您尚未登入。 登入 去張貼答案。