- Newest
- Most votes
- Most comments
Please don't use S3's static website hosting for a real workload. It only supports HTTP, not HTTPS, so there is no protection from man-in-the-middle attacks. I personally will never go to an HTTP website as there's no guarantee I'm communicating with the server I think I am. Front-ending with CloudFront is easy and far more secure. Your bucket with the static content can then be private, using Origin Access Control.
Amazon S3 static websites do not have a fixed IP address and use dynamically allocated IP addresses. This means the IP address can change, and AWS does not provide a static IP for S3 websites.
You can find all current IP addresses of AWS services here, but these IP may change over time
https://ip-ranges.amazonaws.com/ip-ranges.json
https://docs.aws.amazon.com/vpc/latest/userguide/aws-ip-work-with.html#aws-ip-download
If the objective is to use the GoDaddy domain to point to your static S3 bucket, you could create a CloudFront distribution that points to you S3 bucket and provide them with the DNS of your distribution so they can use a CNAME record to point to your distribution instead of an A record pointing to a static IP address. I think it is even possible to make your bucket publicly accessible and send them your bucket public address. I have never done this though.
