I have created an S3 and I uploaded files on the bucket successfully. Now, I am trying to make it work with CloudFront however it is giving me
IllegalLocationConstraintException
The ap-east-1 location constraint is incompatible for the region specific endpoint this request was sent to.
My S3 url is: http://my-bucket-name.s3.ap-east-1.amazonaws.com/assets/local/css/app.css (this returns me the file)
CloudFront is linked to the S3, and the url: https://id.cloudfront.net/assets/local/css/app.css (this returns me the IllegalLocationConstraintException)
In S3 bucket > Permissions >
"Block Public Access" is Off
"Bucket Policy" is auto-generated:
{
"Version": "2008-10-17",
"Id": "PolicyForCloudFrontPrivateContent",
"Statement": [
{
"Sid": "1",
"Effect": "Allow",
"Principal": {
"AWS": "######"
},
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::my-bucket-name/*"
}
]
}
What am I doing wrong?
Open the CloudFront console. Choose Create Distribution. Under Origin, for Origin domain, choose your S3 bucket's REST API endpoint from the dropdown list. Or, enter your S3 bucket's website endpoint.
By default, your Amazon S3 bucket and all the files in it are private—only the Amazon account that created the bucket has permission to read or write the files. If you want to allow anyone to access the files in your Amazon S3 bucket using CloudFront URLs, you must grant public read permissions to the objects.
To try this, create a new lambda function in the AWS console. Choose 'Edge Nodge. js 4.3' for the language and look for the cloudfront-modify-response-header template. If you do this, Lambda will ask you which CloudFront distribution and event to apply the function to.
You can give a CloudFront OAI access to files in an Amazon S3 bucket by creating or updating the bucket policy in the following ways: Using the Amazon S3 bucket's Permissions tab in the Amazon S3 console .
bucketname.s3.regioncode.amazonaws.com
Even when you auto-select the S3 in CloudFront as related bucket, you still need to put your location manually for making it work.
Update:
My issue was because my CloudFront origin was not in us-east, and when you auto-select your bucket's origin in CloudFront, it doesn't add the location prefix to the url. So make sure you add your s3 location like so:
bucketname.s3.ap-east-1.amazonaws.com
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With