This is my first time setting up a website and I'm not experienced. I'm using AWS S3 to host a static site, EC2 to run the backend API, and RDS for data storage.
I followed the steps here and here to set up HTTPS with my custom DNS. So now I'm using CloudFront to point to the S3 bucket.
I can access the website but I'm getting 2 errors:
- GET https://www.customtimers.net/styles.css net::ERR_ABORTED 403 (Forbidden)
- POST https://54.83.112.139/custom-timers-api/auth/login net::ERR_CONNECTION_REFUSED (when trying to log in or create a new account).
I've been tweaking CloudFront settings and here are the current values that deviate from the above linked guides:
CloudFront distribution > Behavior
- Viewer
- Allowed HTTP methods: GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
- Cache key and origin requests
- Cache policy: CachingOptimized
- Origin request policy: AllViewerExceptHostHeader
- Response headers policy: SimpleCORS
For S3, I have Block public access all to off and ACLs disabled.
Here is my S3 bucket policy that I got from CloudFront:
{"Version": "2008-10-17","Id": "PolicyForCloudFrontPrivateContent","Statement": [ {"Sid": "AllowCloudFrontServicePrincipal","Effect": "Allow","Principal": {"Service": "cloudfront.amazonaws.com" },"Action": "s3:GetObject","Resource": "arn:aws:s3:::custom-timers-s3/*","Condition": {"StringEquals": {"AWS:SourceArn": "arn:aws:cloudfront::537417415053:distribution/E17WSCN13J8TUC" } } } ]}Here is my code repo if that helps at all.
I've researched for days to try to find a solution but I'm not experienced enough to understand if I've found it or how to implement it.
I'm happy to supply more info, I just don't know what is relevant to understanding the problem.