This is my code i am getting Access Denied message. Anyone tell me how to fix this.

My Bucket Policy

"cloudfront:user/CloudFront Origin Access Identity [ID]" with s3.

Bucket Policy Resource

"Resource": "arn:aws:s3:::bucket_name/*"

use Aws\CloudFront\CloudFrontClient;
require 'vendor/autoload.php';

$cloudFront = CloudFrontClient::factory([
    'version' => 'latest',
    'region'  => 'ap-south-1'
]);

// Setup parameter values for the resource
$streamHostUrl = 'http://example.cloudfront.net';
$resourceKey = 'Bucket/1.jpg';
$expires = new DateTime('+1 minute');

// Create a signed URL for the resource using the canned policy
$url = $cloudFront->getSignedUrl([
    'url'         => $streamHostUrl . '/' . $resourceKey,
    'expires'     => $expires->getTimestamp(),
    'private_key' => 'pk-private_key.pem',
    'key_pair_id' => '<key_pair_id>'
]);

echo $url;

Error "AccessDenied"

<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>EE8B43497F516AD3</RequestId>
<HostId>
jghWRjO1Rnvv0/hRaeBS4pThCFJcGN26r3wDcMAiyqWeVHRVLbNaSUiIQmR7dDiQus/j8QjUWhM=
</HostId>
</Error>

I am fix this problem

change it

$resourceKey = 'Bucket/1.jpg'

To

$resourceKey = '1.jpg';