aws-samples/aws-modern-application-workshop

Invalid principal in policy

dsclambton opened this issue · 1 comments

I am trying to update the bucket policy, but I am getting the invalid principal output even though I am following the same format as in the AWS doc.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my-bucket/*",
            "Principal": {
                "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity <MY-OAI-ID>"
            }
        }
    ]
}

Fixed the issue. I used the CloudFront Distribution ID, as its format is pretty similar to the OAI identity. I grabbed the CloudFront OAI from Origin Access Identity under the Origins and Origin Groups section.
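
The mix-up described in this thread can be caught before the policy is submitted. The following is an added example, not part of the original issue or the workshop code: it checks the ID in an OAI principal ARN against data shaped like the output of `aws cloudfront list-distributions` and `aws cloudfront list-cloud-front-origin-access-identities`. The sample IDs and the function names are constructed for illustration.

```python
import json
import re

# Constructed sample data shaped like the output of
# `aws cloudfront list-distributions` and
# `aws cloudfront list-cloud-front-origin-access-identities` (IDs are made up).
DISTRIBUTIONS = json.loads("""{"DistributionList": {"Items": [
  {"Id": "E1EXAMPLEDIST1", "Origins": {"Items": [
    {"Id": "s3-origin", "S3OriginConfig":
      {"OriginAccessIdentity": "origin-access-identity/cloudfront/E2EXAMPLEOAI22"}}]}}]}}""")
OAIS = json.loads("""{"CloudFrontOriginAccessIdentityList": {"Items": [
  {"Id": "E2EXAMPLEOAI22", "Comment": "constructed sample"}]}}""")

OAI_ARN = re.compile(
    r"^arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity (\S+)$")

def oais_for_distribution(dist):
    """Return the OAI IDs referenced by a distribution's S3 origins."""
    found = []
    for origin in dist.get("Origins", {}).get("Items", []):
        ref = (origin.get("S3OriginConfig") or {}).get("OriginAccessIdentity", "")
        if ref:  # custom origins and public S3 origins have no OAI reference
            found.append(ref.rsplit("/", 1)[-1])
    return found

def check_principal(principal_arn, distributions=DISTRIBUTIONS, oais=OAIS):
    """Classify the ID in an OAI principal ARN; return (status, suggested OAI IDs)."""
    m = OAI_ARN.match(principal_arn)
    if not m:
        return ("malformed", [])
    ident = m.group(1)
    known = {i["Id"] for i in oais["CloudFrontOriginAccessIdentityList"]["Items"]}
    if ident in known:
        return ("ok", [ident])
    for dist in distributions["DistributionList"]["Items"]:
        if dist["Id"] == ident:
            # The mix-up from this issue: a distribution ID where the OAI ID belongs.
            return ("distribution-id", oais_for_distribution(dist))
    return ("unknown", [])

def principals(policy):
    """Yield every AWS principal string found in a bucket policy document."""
    for stmt in policy.get("Statement", []):
        p = stmt.get("Principal")
        aws = p.get("AWS", []) if isinstance(p, dict) else []
        yield from ([aws] if isinstance(aws, str) else aws)
```

A `distribution-id` result means the ARN carries the distribution's ID, and the second element lists the OAI IDs attached to that distribution's S3 origins.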