I've set up a static website using an S3 bucket for my domain (`detailinghubpk.com`) and have integrated CloudFront for handling HTTPS traffic. I've done everything from creating the S3 bucket with my domain name, uploading the necessary files, and setting up CloudFront to create a distribution linked to that bucket, to configuring a Route 53 hosted zone with the proper NS records and validating my SSL certificate. However, when I try to access my site, I keep getting an Access Denied (403) error, despite checking that I've set a default root object, invalidated the cache, and allowed CloudFront access via my bucket policy. What could be causing this?
3 Answers
It's really hard to troubleshoot without seeing the exact configuration of your Origin Access Control (OAC) and bucket policy. Can you share some details on that? Also, did you check the settings for signing requests in the OAC? That can often be the culprit for access issues like this.
Screenshots could be super helpful! Share what you can, without exposing any sensitive info. Maybe we can spot where things are going wrong.
I checked and it seems your site loads at this URL: [https://detailinghubpk.com/index.html](https://detailinghubpk.com/index.html), though it's showing the error page. Make sure you've set the default root object correctly in CloudFront; it should be set to `index.html`. That usually resolves these types of access issues!
Glad to hear it, I'm happy to help! Just let me know if you run into any more issues.
Have you checked for any KMS keys in your S3 setup? Sometimes they can block access to your assets. It sounds like there's some kind of S3 issue going on. Just make sure that your bucket is correctly configured for static web hosting too. I had a similar problem before but switched to an Application Load Balancer and Lambda instead of CloudFront, which worked for me, but I do prefer CloudFront myself. Just something to consider!
I ended up setting the root object to `index.html` and invalidating the cache, and now it's finally working! Thanks for the help!
I believe everything's set up right, but here's a curl command I ran that returned a 200 status: [https://d2c7t6poihgpg.cloudfront.net/index.html](https://d2c7t6poihgpg.cloudfront.net/index.html). Any thoughts?