AWS CloudFront Access Denied To S3 Bucket
Answer : To assist with your question, I recreated the situation via: Created an Amazon S3 bucket with no Bucket Policy Uploaded public.jpg and make it public via "Make Public" Uploaded private.jpg and kept it private Created an Amazon CloudFront web distribution : Origin Domain Name: Selected my S3 bucket from the list Restrict Bucket Access: Yes Origin Access Identity: Create a New Identity Grant Read Permissions on Bucket: Yes, Update Bucket Policy I checked the bucket, and CloudFront had added a Bucket Policy similar to yours. The distribution was marked as In Progress for a while. Once it said Enabled , I accessed the files via the xxx.cloudfront.net URL: xxx.cloudfront.net/public.jpg redirected me to the S3 URL http://bucketname.s3.amazonaws.com/public.jpg . Yes, I could see the file, but it should not use a redirect. xxx.cloudfront.net/private.jpg redirected me also, but I then received Access Denied because it is a private file in...