DEV Community

loading...

Discussion on: Host Static website using AWS CDK for Terraform and CloudFront: Part 2

Collapse
thakkaryash94 profile image
Yash Thakkar Author

Yes, we need to comment out the bucket access url because we are not serving s3 bucket as a url anymore. That's why we printing CloudFront URL. I kept it for the part 1, but for part 2, we need to comment out the s3 bucket url and can only access using CloudFront URL.

Collapse
shotlom profile image
Sholto Maud

I get access denied on my url - how did you make sure your Cloudfront can have access to the S3? Also, do you Route53 for your dns?

Thread Thread
thakkaryash94 profile image
Yash Thakkar Author

We have setup CloudFront Origin Access Identity(OAI) and also updated the S3 bucket permission as below.
{
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${cloudfrontOriginAccessIdentity.id}"
}

So with this, only CloudFront will be able to access the bucket using OAI.