🔥 3-day streak
AWS Certified CloudOps Engineer - Associate45 / 159
Question 45 of 159

A company serves a static website from an Amazon S3 bucket through an Amazon CloudFront distribution. The bucket has Block Public Access enabled. After migrating from a legacy Origin Access Identity (OAI) to Origin Access Control (OAC), users report that all requests to the site return HTTP 403 Access Denied. The CloudFront origin is correctly configured to use OAC. What is the MOST likely cause that a CloudOps engineer should investigate first?

Reviewed for accuracy · Report an issueNext question