Durch die Nutzung von AWS re:Post stimmt du den AWS re:Post Nutzungsbedingungen
AWS re:Postre:Post

https for S3 public website.

0

I try to add https-protocol to a S3 hosted static website through cloudfront.

To configure the origin, I choose the website-endpoint from the static hosting as Origin domain, but then a radio-select pops up below to choose the Protocol, either http-only, https-only or match viewer. My Problem is that https only and match viewer are disabled. I can't choose those options. Only http only is selectable. No tutorial mentions this disabled state. Certificate is correct in us-east-1 and selected for the cf-distribution. Any hint is welcome.

Themen
Vernetzung & Bereitstellung von Inhalten
Tags
Amazon CloudFront
Sprache
English
snackycracky
gefragt vor einem Monat90 Aufrufe
3 Antworten
2

Instead of S3 hosted website through CloudFront, you can use CloudFront with OAC (Origin Access Control) to S3 bucket.

Disable hosted website and refer to How do I use my CloudFront distribution to restrict access to an Amazon S3 bucket? option 1

AWS
EXPERTE
Mike_L
beantwortet vor einem Monat
profile picture
EXPERTE
Oleksii Bebych
überprüft vor 25 Tagen
profile picture
EXPERTE
Gary Mclean
überprüft vor einem Monat
  • snackycracky
    vor einem Monat

    no, that is not working. I restricted the access for s3 to only allow cloudfront AND disable the static hosting in s3... site was not accessible with https after deployment of the cloudfront settings.

1
Akzeptierte Antwort

I forgot to redirect route53 to cloudfront instead of the s3 bucket

snackycracky
beantwortet vor einem Monat
profile picture
EXPERTE
Oleksii Bebych
überprüft vor 25 Tagen
0

Hi, I would suggest verifying that S3 static website hosting is enabled on the S3 bucket, and you are providing manually the website endpoint URL instead of selecting the S3 REST API endpoint URL from the dropdown.

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCustomOrigins.html#adding-cloudfront-to-s3

psp
beantwortet vor einem Monat
  • snackycracky
    vor einem Monat

    thanks for your hint, but I select the endpoint from the dropdown and enabled the website-hosting on the s3 bucket.

  • psp
    vor einem Monat

    right - you would enter and provide the S3 website endpoint URL: http://bucket-name.s3-website-region.amazonaws.com instead of selecting from the drop down that chooses the S3 REST endpoint URL.

  • snackycracky
    vor einem Monat

    nope, tried that. Not working unfortunatly the https radio button remains disabled. If I use another url it works but that's not a solution...

Du bist nicht angemeldet. Anmelden um eine Antwort zu veröffentlichen.

Eine gute Antwort beantwortet die Frage klar, gibt konstruktives Feedback und fördert die berufliche Weiterentwicklung des Fragenstellers.

Richtlinien für die Beantwortung von Fragen

Relevanter Inhalt