Hi @DanM , I have been trying for a week to achieve exactly what you are doing here, but with no luck so far. I keep running into this:
error: The request signature we calculated does not match the signature you provided. Check your key and signing method.
I have restricted the s3 bucket to only allow access from the cloudfront. And also created an IAM account that has permissions to access the s3 bucket.
Also tried following this post but getting the same error.
Could you share how you got it to work?