All geek questions in one place

Multiple S3 codes in a single CloudFront distribution

I created a Cloudfront distribution with CNAME images.domain.com with SSL, and I have 2 S3 buckets: one for user downloads, one for product images. By default, a bucket is used to download

I would like to use the same CloudFront for both buckets

So, I added 2 buckets as sources and created a โ€œBehaviorโ€ using the path /products/* , using my bucket as a source

My "Behaviors":

  • / products / * to: bucket of products (priority = 0)
  • Default (*) to: uploads bucket (priority = 1)

When I go to images.domain.com/products/78/34.jpg , I get AccessDenied

The file "78 / 34.jpg" is present in my product bucket

Files from another bucket work fine (i.e. images.domain.com/upload67.jpg with upload67.jpg in the download bucket)

+6
source share
2 answers

The sample /products/* matches all objects in the specified statement of origin that are in the folder named "products". Therefore, the key should be products/78/34.jpg .

If you create a folder called โ€œproductsโ€ inside the product basket and move the 73 / 34.jpg file to it, then the images.domain.com/products/78/34.jpg URL should work (you may need to cancel if you recently received an error message before creating the folder).

+3
source

I think you should add a public access policy to your product basket

 { "Version":"2008-10-17", "Statement":[{ "Sid":"AllowPublicRead", "Effect":"Allow", "Principal": { "AWS": "*" }, "Action":["s3:GetObject"], "Resource":["arn:aws:s3:::bucket/*" ] } ] }

Make sure you replace bucket in arn: aws: s3: bucket / * with your bucket name.

0
source

Source: https://habr.com/ru/post/987077/

More articles:


All Articles