RoutingRules on AWS S3 Static website hosting

1
votes

I have successfully configured my S3 bucket to serve a static website and also redirect to a lambda function if a file is not found in the bucket.

<RoutingRules>
  <RoutingRule>
    <Condition>
      <KeyPrefixEquals/>
      <HttpErrorCodeReturnedEquals>404</HttpErrorCodeReturnedEquals>
    </Condition>
    <Redirect>
      <Protocol>https</Protocol>
      <HostName>mylambda.execute-api.us-east-1.amazonaws.com</HostName>
      <ReplaceKeyPrefixWith>/?key=</ReplaceKeyPrefixWith>
      <HttpRedirectCode>307</HttpRedirectCode>
    </Redirect>
  </RoutingRule>
</RoutingRules>

it works fine if I use the http url of the static website

http://mybucket.s3-website-us-east-1.amazonaws.com/some-file.gif

but it doesn´t work if I use the https bucket url. it returns AccessDenied

https://s3.amazonaws.com/mybucket/some-file.gif

I also tryied adding cloudfront and the issue is the same. https://mycloudfront.cloudfront.net/some-file.gif gives me the same AccessDenied

is like not working for https maybe?

1
amazon-web-servicesamazon-s3

1 Answers

1
votes

The first url:

mybucket.s3-website-us-east-1.amazonaws.com/some-file.gif

is a website endpoint. It only supports HTTP, not HTTPS. Docs write:

The website endpoints do not support HTTPS or Amazon S3 Access Points.

The second url:

s3.amazonaws.com/mybucket/some-file.gif

is Legacy Global Endpoint still used N. Virginia region. These (i.e. service endpoints) are used to:

connect programmatically to an AWS service

They support both HTTP and HTTPS.

Therefore, answering to your question, the https://mybucket.s3-website-us-east-1.amazonaws.com/some-file.gif fails because HTTPS is not supported for website endpoints.

The https://s3.amazonaws.com/mybucket/some-file.gif fails because this is used for programmatic access, not by using browser or curl. But if you set your objects as public, you should be able to access them nevertheless.

For CloudFront you would need to provide more information, or create new question. It depends how you setup your CF disto and bucket.