Sample Waiting Room site get Access Denied from S3
sonphnt opened this issue · comments
Describe the bug
When I open the url from "ControlPanelURL" and "WaitingRoomURL" from the Output stack, I got XML page with Access Denied
Expected behavior
A website should be loaded
Please complete the following information about the solution:
Version: 1.0.0
Did I miss something? Thanks
Hi, it looks like we're using the global hostnames for the buckets in the CloudFormation distribution. This means it could take several hours for the bucket DNS names to propagate.
We will modify the template to use the regional bucket hostnames in the next release, and use this issue to track it, which should prevent this from happening on new buckets.
It might be working by now. I see this was posted 6 hours ago.
You can also workaround this by changing the origin hostnames for the buckets from global to regional in CloudFront. It requires adding the region name to the bucket hostname. https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-bucket-intro.html#virtual-host-style-url-ex
@JimTharioAmazon Yes, it works after a few hours as you said. But now I have time to see this solution again, I see in the Control Panel of the website, there are 2 connected, there are 2 in "red" with check configuration, and I check the console log of the browser, there is an issue with CORS to API Gateway "api/num_active_tokens" and "api/expired_token". Do you have any ideas about this issue? Thanks
Serving Counter connected
Waiting Room Size connected
Active Tokens check configuration
Expired Tokens check configuration
Where you able to obtain keys for the control panel from this part of the Implementation Guide?
https://docs.aws.amazon.com/solutions/latest/aws-virtual-waiting-room/automated-deployment.html#step-2.-optional-test-the-waiting-room
@JimTharioAmazon I created a IAM user with which I have an access key and secret key and belong to ProtectedAPIGroup. I use those to use in Example Control Panel (the first two input boxes), I leave empty for the Session Token which is optional.