Amplify-cli: Amplify Publish - CloudFront 307 redirection and Access Denied after deployment in non-US region

Created on 20 Dec 2018 · 12 Comments · Source: aws-amplify/amplify-cli

Describe the bug

After amplify add hosting and amplify publish deployment where resources are created in a non-US region, CloudFront redirects (307) to S3 which returns AccessDenied. This is most likely because CloudFront is configured with Origin Access Identity so the S3 bucket cannot be accessed directly. I suspect it might be related to: https://aws.amazon.com/premiumsupport/knowledge-center/s3-http-307-response/ and the bucket on CloudFront doesn't have the region in the URL.

> amplify version
0.2.1-multienv.4
hosting investigating

All 12 comments

Thanks @awsed , we are investigating this issue.

@awsed Cloudfront takes around 20-30 minutes sometimes to deploy and have the site up and running the first time. Were you able to access the site eventually?

It does work eventually but it does take more than minutes, more like hours or up to a whole day (as you can see in the support link it can take up to 24h). And if you try to access before that, CloudFront will cache the error and it'll make it worse. If you're not familiar with CloudFront and AWS it'll provide a bad user experience.

An easy fix would be to add the region to the S3 URL/FQDN as per the support link.

@UnleashedMind Could you look into this and make the change? Thanks!

@awsed
I did a bit of investigation on this, what you have guessed is correct.
But the fix described in the link (see the pasted section below) does not work.

...if the bucket is in us-west-2, you can change the Origin Domain Name from bucketname.s3.amazonaws.com to bucketname.s3-us-west-2.amazonaws.com.

If we change the CloudFormation template, and set the CloudFrontDistribution's property DistributionConfig/Origins/DomainName to a format like that, the CloudFormation will report an error like this:
The parameter Origin DomainName does not refer to a valid S3 bucket. (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidArgument; Request ID: xxxx

There was a post on this in the aws forum many years ago, but curiously it does not seem to have been completely resolved.
https://forums.aws.amazon.com/thread.jspa?messageID=495923

IMHO, we will have to live with this behavior before they provide a fix. Please let us know if you have other suggestions.

We've updated our doc on this.
Closing this issue.
Feel free to re-open if needed.

For anyone facing similar issues deploying to us-west-2, you should modify the S3AndCloudFront/template.json section that specifies the origin bucket for CloudFront from

"DomainName": {
  "Fn::GetAtt": [
    "S3Bucket",
    "DomainName"
  ]
}

to

"DomainName": {
  "Fn::GetAtt": [
    "S3Bucket",
    "RegionalDomainName"
  ]
}
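
The template change described in the comment above, as an added example that is not part of the original thread or of the Amplify CLI code: a Node.js check that finds CloudFront origins built from an S3 bucket's `DomainName` attribute and rewrites them to `RegionalDomainName`. The sample template, its resource names and the function names are constructed for illustration.

```javascript
// Added example: audit a CloudFormation template (JSON) for CloudFront origins
// that reference an S3 bucket's global endpoint, and patch them to the regional one.

// Constructed sample shaped like a hosting template; resource names are assumptions.
const sampleTemplate = {
  Resources: {
    S3Bucket: { Type: 'AWS::S3::Bucket', Properties: {} },
    CloudFrontDistribution: {
      Type: 'AWS::CloudFront::Distribution',
      Properties: {
        DistributionConfig: {
          Origins: [
            { Id: 'hostingS3Bucket', DomainName: { 'Fn::GetAtt': ['S3Bucket', 'DomainName'] } },
            { Id: 'api', DomainName: 'api.example.com' }, // non-S3 origin, must be left alone
          ],
        },
      },
    },
  },
};

// Collect every origin whose DomainName is Fn::GetAtt [<S3 bucket resource>, "DomainName"].
function findGlobalS3Origins(template) {
  const resources = template.Resources || {};
  const findings = [];
  for (const [logicalId, res] of Object.entries(resources)) {
    if (res.Type !== 'AWS::CloudFront::Distribution') continue;
    const origins = res.Properties?.DistributionConfig?.Origins || [];
    for (const origin of origins) {
      const getAtt = origin.DomainName && origin.DomainName['Fn::GetAtt'];
      if (!Array.isArray(getAtt) || getAtt[1] !== 'DomainName') continue;
      // Only flag references that resolve to a bucket declared in this template.
      if (resources[getAtt[0]]?.Type !== 'AWS::S3::Bucket') continue;
      findings.push({ distribution: logicalId, originId: origin.Id, bucket: getAtt[0], origin });
    }
  }
  return findings;
}

// Return a patched deep copy; the input template is not modified.
function useRegionalDomainName(template) {
  const patched = JSON.parse(JSON.stringify(template));
  for (const finding of findGlobalS3Origins(patched)) {
    finding.origin.DomainName['Fn::GetAtt'][1] = 'RegionalDomainName';
  }
  return patched;
}
```

Running `findGlobalS3Origins` on the patched copy returns an empty list, which makes it usable as a pre-publish check.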

You totally saved me. I had an AccessDenied error and this caused it.

This error breaks all amplify projects with hosting in all regions except us-west-2. Could this ticket be reopened, please? This error is not easy to debug and this ticket saved me a lot more investigation time. Thanks!

Using amplify version 4.20.0

Can confirm this is still occurring October 2020, tested in AP-SOUTHEAST-2

Edit: Master is still using DomainName instead of RegionalDomainName. The below comment is incorrect.
It seems like using Amplify init may be pulling down an old version of the repo given that it looks like this template has been fixed in master: https://github.com/aws-amplify/amplify-cli/blob/master/packages/amplify-category-hosting/lib/S3AndCloudFront/template.json

@sirhc9 In that link they're still using DomainName instead of RegionalDomainName? Or do you mean some other fix?

Thanks LosD, my mistake, misread the template in master. I've edited my previous comment to correct
