问题
I created a Cloudfront distribution with a CNAME images.domain.com with SSL, and I have 2 S3 buckets: one for user uploads, one for product pictures
The default bucket is the uploads bucket
I would like to use the same CloudFront for both buckets
So I added the 2 buckets as origins and created a "Behavior", with the path /products/* using my product bucket as origin
My "Behaviors" are :
- /products/* to: products bucket (precedence = 0)
- Default (*) to: uploads bucket (precedence = 1)
When I go to images.domain.com/products/78/34.jpg I get an AccessDenied
The file "78/34.jpg" is present in my products bucket
Files from the other bucket are working fine (ie images.domain.com/upload67.jpg with upload67.jpg in the uploads bucket)
回答1:
The pattern /products/* matches all objects in the specified origin bucket that are in a folder called 'products'. So, the key needs to be products/78/34.jpg.
If you create a folder called 'products' inside the products bucket and move the 73/34.jpg file in to it, the images.domain.com/products/78/34.jpg url should then work (you might need to invalidate if you recently got a error before creating the folder).
回答2:
I think you should add access public policy to your products bucket
{
"Version":"2008-10-17",
"Statement":[{
"Sid":"AllowPublicRead",
"Effect":"Allow",
"Principal": {
"AWS": "*"
},
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::bucket/*"
]
}
]
}
Make sure you replace bucket in arn:aws:s3:::bucket/* with your bucket name.
来源:https://stackoverflow.com/questions/30197296/multiple-s3-buckets-in-the-same-cloudfront-distribution