AWS Bucket Policy for restricting public access to bucket but allowing referring domain

Question

I have the following Bucket Policy:

{
"Version": "2008-10-17",
"Id": "MyDomainpremiumflvfiles",
"Statement": [
    {
        "Sid": "Allow get requests to specific referrers",
        "Effect": "Allow",
        "Principal": {
            "AWS": "*"
        },
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::premiumflvfiles/*",
        "Condition": {
            "StringLike": {
                "aws:Referer": [
                    "http://mydomain.com/*",
                    "http://www.mydomain.com/*"
                ]
            }
        }
    },
    {
        "Sid": "Allow CloudFront get requests",
        "Effect": "Allow",
        "Principal": {
            "AWS": "arn:aws:iam::123456789:root"
        },
        "Action": "s3:GetObject",
        "Resource": "arn:aws:s3:::premiumflvfiles/*"
    }
]
}

Where 123456789 has been replaced with my correct customer id, and mydomain has been replaced with the correct domain.

I have taken off public access, but when I do that, I don't have access to the files from the referring domain. I'm sure I'm missing something obvious, but I can't figure it out.

Thanks for any help.

Answer 1

This will help you to generate a valid policy AWS Policy Generator