amazon web services - Cloudfront 403 error while accessing files uploaded by another account -
i have cloudfront distribution takes 1 of s3 buckets origin server. files uploaded s3 third party attachment uploader.
when try access file in s3 via cloudfront getting 403 forbidden error access denied xml (as below). when manually upload files s3 bucket able access file via cloudfront.
the permission both files same except owner of file. file uploaded me manually owner, of file account , file uploaded uploader, uploader. third party attachment uploader gives full access of object bucket owner. also, have restricted bucket access not viewer access.
what reasons can cause error? how go debugging this?
when second aws account uploads content s3 bucket serving content via cloudfront oai, uploaded file needs have oai canonical id added --grant read=id="oai-canonical-id" when file uploade; add s3 bucket owner grant full=id="bucketownerid". aws cli used perform uploaded. adjust according method used. when file viewed in s3 bucket, permissions have cloudfront listed grantee. file should readable via cloudfront.
Comments
Post a Comment