Cloudfront Signed URLs for Static Website?

Question

Hello Community Experts,

We have setup a static Angular web application hosted in S3 for a client. We've also added a cloud distribution for it and everything works fine so far.

We've got a new requirement now to allow access to the website using Signed URLs only. However from the documentation I've seen so far it seems Signed URLs only work for individual S3 objects and not for a website which might need to refer to other script/other files which might be in different locations in the bucket.

Could you let me know please if our understanding is correct and if it is possible to have a Signed cloudfront url for the static S3 website? Is there any documentation around this.

Many thanks in advance.

Accepted Answer

Hello.

It is possible to publish a signed url with CloudFront.  
This feature allows only limited users to retrieve content from S3 via CloudFront.  
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-urls.html

I think your understanding of the signed url is also correct.  
A signed url can be used to control access to an object.

So it may be a good idea to use a signed cookie to restrict to multiple files.  
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-signed-cookies.html

Please see the following document for a comparison of signed cookies and signed URLs.  
https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-choosing-signed-urls-cookies.html

Cloudfront Signed URLs for Static Website?

相關內容