Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

IllegalLocationConstraintException on CloudFront (for S3)

Tags:

amazon-web-services

cdn

amazon-s3

amazon-cloudfront

I have created an S3 and I uploaded files on the bucket successfully. Now, I am trying to make it work with CloudFront however it is giving me

IllegalLocationConstraintException

The ap-east-1 location constraint is incompatible for the region specific endpoint this request was sent to.

My S3 url is: http://my-bucket-name.s3.ap-east-1.amazonaws.com/assets/local/css/app.css (this returns me the file)

CloudFront is linked to the S3, and the url: https://id.cloudfront.net/assets/local/css/app.css (this returns me the IllegalLocationConstraintException)

In S3 bucket > Permissions >

"Block Public Access" is Off

"Bucket Policy" is auto-generated:

{
    "Version": "2008-10-17",
    "Id": "PolicyForCloudFrontPrivateContent",
    "Statement": [
        {
            "Sid": "1",
            "Effect": "Allow",
            "Principal": {
                "AWS": "######"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my-bucket-name/*"
        }
    ]
}

What am I doing wrong?

like image 633
senty Avatar asked Jul 11 '19 16:07

senty

People also ask

How do I access my S3 bucket from CloudFront?

Open the CloudFront console. Choose Create Distribution. Under Origin, for Origin domain, choose your S3 bucket's REST API endpoint from the dropdown list. Or, enter your S3 bucket's website endpoint.

Do S3 buckets need to be public for CloudFront?

By default, your Amazon S3 bucket and all the files in it are private—only the Amazon account that created the bucket has permission to read or write the files. If you want to allow anyone to access the files in your Amazon S3 bucket using CloudFront URLs, you must grant public read permissions to the objects.

How do you implement Hsts in CloudFront?

To try this, create a new lambda function in the AWS console. Choose 'Edge Nodge. js 4.3' for the language and look for the cloudfront-modify-response-header template. If you do this, Lambda will ask you which CloudFront distribution and event to apply the function to.

Can CloudFront access a private S3 bucket?

You can give a CloudFront OAI access to files in an Amazon S3 bucket by creating or updating the bucket policy in the following ways: Using the Amazon S3 bucket's Permissions tab in the Amazon S3 console .

2 Answers

  1. Go to your CloudFront dashboard and click on the distribution ID
  2. Go to 'Origins and Origin Groups' tab
  3. select your origin and click 'edit
  4. edit 'Origin Domain Name' to match this format bucketname.s3.regioncode.amazonaws.com
  5. save and wait for 'deployed' state
like image 156
mshjri Avatar answered Sep 22 '22 09:09

mshjri

Even when you auto-select the S3 in CloudFront as related bucket, you still need to put your location manually for making it work.

Update:

My issue was because my CloudFront origin was not in us-east, and when you auto-select your bucket's origin in CloudFront, it doesn't add the location prefix to the url. So make sure you add your s3 location like so:

bucketname.s3.ap-east-1.amazonaws.com

like image 34
senty Avatar answered Sep 21 '22 09:09

senty
Sign in to Comment

Related questions

AWS API Gateway and Python Lambda returning HTML
AWS S3 cli - tag all objects within a directory
AWS:ELB health is failing or not available for all instances
How can I get my AWS Lambda to access gems stored in vendor/bundle?
How to set an environment variable in Amazon Elastic Beanstalk (Python)
Capistrano cannot deploy code, because Net::SSH::AuthenticationFailed: Authentication failed
How do I perform Laravel Artisan migrations on AWS Elastic Beanstalk?
Make python script to run forever on Amazon EC2
lambda trigger callback vs context.done
How to restart mysql server? [closed]
AWS S3 and AWS storage gateway
amazon aws sns, sms option not available?
output plain text content from Amazon API gateway endpoint
AWS Beanstalk - getting "Access denied while accessing Auto Scaling and ..." error
How to specify a ACM certificate in a specific region for a data source?
Import Postgres data into RDS using S3 and aws_s3
Wipe out EB init config
AWS DocumentDB with Robo 3T (Robomongo)
Unable to RDP to EC2 instance
Is there a way to assign a Static IP to a AWS Lambda without VPC?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!