By using AWS re:Post, you agree to the Terms of Use

Authentication in Static Website Hosting

0

Hello, I was recently working with static website hosting in S3 and getting some authentication through Cognito so that only authenticated people can access the webpage. I successfully used the Cognito to authenticate users but what if someone directly accesses the page with the direct URL. For example http://example.com.s3-website.ap-south-1.amazonaws.com/ride.html. If someone visits this URL then they can access the webpage and see the contents. What I need is, only authenticated person can access this page & if some unauthenticated person tries to access it then it shows them "Access Denied" Error or redirect them to login.html. Should I use Cloudfront or there's any other way I can achieve this?

asked 3 years ago462 views
3 Answers
1

Hi,
Yes, you will need to use CloudFront to secure the access to your S3 bucket. You will need to follow the steps here:
Link: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
-randy

answered 3 years ago
0

Thank You

answered 3 years ago
0

For a Cognito-based approach, I used the method described in https://aws.amazon.com/blogs/networking-and-content-delivery/authorizationedge-how-to-use-lambdaedge-and-json-web-tokens-to-enhance-web-application-security/.

Edited by: JohnMcGehee on Aug 22, 2020 3:01 PM

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions