Aws\CloudFront\Exception\CloudFrontException thrown

Error executing "CreateCloudFrontOriginAccessIdentity" on "https://cloudfront.amazonaws.com/2020-05-31/origin-access-identity/cloudfront"; AWS HTTP error: Client error: `POST https://cloudfront.amazonaws.com/2020-05-31/origin-access-identity/cloudfront` resulted in a `403 Forbidden` response: Sender< (truncated...) AccessDenied (client): User: arn:aws:iam::222520764232:user/ipacloudadmin is not authorized to perform: cloudfront:CreateCloudFrontOriginAccessIdentity on resource: arn:aws:cloudfront::222520764232:origin-access-identity/* because no identity-based policy allows the cloudfront:CreateCloudFrontOriginAccessIdentity action - SenderAccessDeniedUser: arn:aws:iam::222520764232:user/ipacloudadmin is not authorized to perform: cloudfront:CreateCloudFrontOriginAccessIdentity on resource: arn:aws:cloudfront::222520764232:origin-access-identity/* because no identity-based policy allows the cloudfront:CreateCloudFrontOriginAccessIdentity action1a307e18-93a9-4ea7-b59a-f07f76d9574f