Cloudfront can set the correct Amazon S3 bucket policy for Jekyll hosting

Knowing that CloudFront can be used to set the permissions for the S3 bucket that hosts your Jekyll site would have saved me a lot of time.

I spent a lot of time trying different variations of S3 bucket policies and was struggling to find any conclusive advice. Then I found that there’s a tickbox in CloudFront that sets the S3 bucket permissions automatically. Sheesh!

How to use CloudFront to set your S3 bucket permissions

While being led through your CloudFront distribution you will be asked if you want to restrict bucket access. By default this is set to ‘no’. When you set this option to ‘yes’ a whole host of new options will appear. You should see an option for CloudFront to set the policy on your S3 bucket automatically.

Caveat

I don’t know for fact that this is true. But it certainly appears to be the case. When I allowed CloudFront to set the policy I went over to my S3 and checked the policy and it had certainly changed! If you know better then please get in touch and let me know!