By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Cloudfront Signed URLs for Static Website?

0

Hello Community Experts,

We have setup a static Angular web application hosted in S3 for a client. We've also added a cloud distribution for it and everything works fine so far.

We've got a new requirement now to allow access to the website using Signed URLs only. However from the documentation I've seen so far it seems Signed URLs only work for individual S3 objects and not for a website which might need to refer to other script/other files which might be in different locations in the bucket.

Could you let me know please if our understanding is correct and if it is possible to have a Signed cloudfront url for the static S3 website? Is there any documentation around this.

Many thanks in advance.

Topics
StorageComputeNetworking & Content Delivery
Tags
Amazon Simple Storage ServiceWebsite ProvisioningAmazon CloudFrontpresigned URL
Language
English
Avi
asked 8 months ago427 views
1 Answer
0
Accepted Answer

Hello.

It is possible to publish a signed url with CloudFront.
This feature allows only limited users to retrieve content from S3 via CloudFront.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html

I think your understanding of the signed url is also correct.
A signed url can be used to control access to an object.

So it may be a good idea to use a signed cookie to restrict to multiple files.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html

Please see the following document for a comparison of signed cookies and signed URLs.
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-choosing-signed-urls-cookies.html

profile picture
EXPERT
Riku_Kobayashi
answered 8 months ago
  • Avi
    8 months ago

    Hi Riku, thankyou for your response. We have been able to set up a signed url for the cloudfront distribution that we are using for the static website. But the issue is that it is unable to load any of the other files (required javascripts) apart from the index.html(after we change it to restrict access for signed urls). Is there any way to let the Signed Cloudfront url have access to all the files in the S3 bucket which hosts the website?

  • Riku_Kobayashi EXPERT
    8 months ago

    Updated answers. For multiple files, it is better to use a signed cookie.

  • Avi
    8 months ago

    Thankyou that helped!

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content