为了保障我的网站的安全(当我访问我的网站时,我在左上角说“不安全”,我做了以下发言。
- create ACM certification and verify using Route 53
- create Cloudfront with this certification
- Create original access in Cloudfront
- Give permission to my S3 to be accessed by CloudFront by changing bucket policy.
第4步行没有发生以下错误:
Unknown Error
An unexpected error occurred.
API response
Invalid principal in policy
我的卑鄙政策就是这样。
{
"Version": "2012-10-17",
"Id": "PolicyForCloudFrontPrivateContent",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E3BVR0DQ0EMFFZ"
},
"Action": [
"s3:GetObject"
],
"Resource": "arn:aws:s3:::songms.com/*"
}
]
}
当我访问我的网站时,我会去我。
403 ERROR
The request could not be satisfied.
Bad request. We can t connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later, or contact the app or website owner.
If you provide content to customers through CloudFront, you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
Generated by cloudfront (CloudFront)
Request ID: vmlx8bao1D8k0myKHiGBSBCnCZDcZIUBiwNS1kIMEF_99Y_Gs0ZWQQ==
我有什么错误?
I have toyed with this for several hours without any progress. All I want is to make my website "secure" and I heard that to do so I need to use cloudfront and ACM.. Please, I really appreciate your help.