DH, CloudFront, S3



I set up a CloudFront CDN for my site, but I have a couple of questions:

  1. The subdomain I chose doesn’t seem to work yet. Do I need to add the CloudFront subdomain on my DH panel or is it taken care of by the setup script (i.e., I just need to wait for the subdomain to proliferate through DNS?

  2. How often is the folder on the DH side re-scanned for new files?

  3. I put a file in the bucket, but when I try to access the file directly, via either its .cloudfront.net or .s3.amazonaws.com URLs, I get an AccessDenied error. Anyone know why? Do I need to put a policy on the CloudFront CDN, the S3 bucket or both?


What are the permissions on the S3 bucket set to?


{ "Version":"2008-10-17", "Id":"http referer policy example", "Statement":[ { "Sid":"Allow get requests referred by www.mysite.com and mysite.com", "Effect":"Allow", "Principal":"*", "Action":"s3:GetObject", "Resource":"arn:aws:s3:::static.bitsandbooks.com/*", "Condition":{ "StringLike":{ "aws:Referer":[ " http://www.bitsandbooks.com/*", " http://bitsandbooks.com/*" ] } } } ] }

Also, does the folder I’m uploading to have to exist inside my web folder (i.e., /home/username/sitefolder/cloudfrontfolder) or can I put it anywhere in my account (i.e., /home/username/cloudfrontfolder)?


I use S3 with my websites.
I do not bother with uploading anything from DH side, best is to just ignore that part. It just complicates things in my experience. All you have to do is fill in the needed user/pwd/key/subdomain in the DH Goodies/Amazon Cloudfront.

Just create the needed sub domain within your Amazon S3 account.

Get the FREE program Cloudberry and use that for all upload/permission/ect.

(No need for the paid version if you are just a small user)

The accessdenied error you get is probably because you ALWAYS need to select the file within your Amazon account (or Cloudberry = much easier and faster) and set it to public everybody. Standard all uploads are set to non-public which means files can not be accessed.


Thanks, I had the same problem, solved with your help. A few helpful details…

As ronthai says, Cloudberry is very useful. Once you’ve been through the set up on dreamhost, the bucket associated with your cloudfront dreamhost subdomain will appear in S3 when you access it with cloudberry. To set the correct permissions, rightclick on the corresponding bucket under root, choose ACL settings and press the Public (everyone) button, also, tick the box to apply to all files and folders within.

However, it was only after I logged into my cloudfront account on amazon web services and specifically set my index page that I stopped getting errors. Click the distribution, this activates the distribution settings button, click that and in the general section you can edit it to set index.html or whatever it is as the default route object.

Without that step, I had to visit cloudfront.mything.com/index.html specifically. A request to cloudfront.mything.com/ would give a message that said:

This XML file does not appear to have any style information associated with it. The document tree is shown below.

With the delay associated with making changes to the configuration, it took me a while to work that out.