I'm trying to use the S3 Archive method to do a Chef deployment in Opsworks. I put the Chef archive in S3 and copied the address of https://s3.us-east-2.amazonaws.com/redacted/redacted.tar.gz. I gave the Instance Profile used by the instance full read/write access to the "redacted" bucket. However, during a deployment I get "setup_failed" and the logs show a 403 Forbidden while trying to access the S3 archive.
I found some AWS docs that suggested making the archive public. However I do not want my Chef code to be public to the world.
Why am I getting a 403 Forbidden even though the Instance Profile has the correct permissions to the archive?