Matheus Silva

O URL é gerado normalmente, mas retorna o ''error 403, access is denied'' $cloudFront = new Aws\CloudFront\CloudFrontClient([ 'region' => 'us-west-2', 'version' => '2014-11-06' ]); // Create a signed URL for the resource using the canned policy $streamHostUrl = 'http://example-distribution.cloudfront.net'; $resourceKey = 'videos/example.mp4'; $expires = time() + 300; $signedUrlCannedPolicy = $cloudFront->getSignedUrl([ 'url' => $streamHostUrl . '/' . $resourceKey, 'expires' => $expires, 'private_key' => '/path/to/your/cloudfront-private-key.pem', 'key_pair_id' => '<cloudfront key pair id>' ]); Ou $customPolicy = <<<POLICY { "Statement": [ { "Resource": "{$resourceKey}", "Condition": { "IpAddress": {"AWS:SourceIp": "{$_SERVER['REMOTE_ADDR']}/32"}, "DateLessThan": {"AWS:EpochTime": {$expires}} } } ] } POLICY; $signedUrlCustomPolicy = $cloudFront->getSignedUrl([ 'url' => $streamHostUrl . '/' . $resourceKey, 'policy' => $customPolicy, 'private_key' => 'cloudfront-private-key.pem', 'key_pair_id' => 'APKAIOC51117353UZVD4EHA' ]); Nas políticas do meu balde já coloquei: { "Version": "2008-10-17", "Id": "PolicyForCloudFrontPrivateContent", "Statement": [ { "Sid": "1", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E2SR5AFDLD7B7P" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::darpi.enterprises/*" } ] } Em ambas as maneiras gera URL, mas não consigo obter o arquivo. Alguma informação que possa me ajudar? Ficarei muito agradecido.