Recommended Mitigation
It is recommended to enable Origin Access Control (OAC) for CloudFront distributions. This configuration will help you prevent users from directly accessing S3 bucket content. For more information: <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html</a>