How to point a Netlify subdomain to an AWS S3 bucket via CNAME?

Question

I have a static site (mysite.com) hosted via Netlify. Netlify currently manages my DNS, so that I have nameservers like so:

• dns1.p07.nsone.net
• dns2.p07.nsone.net
• dns3.p07.nsone.net
• dns4.p07.nsone.net

I have a bucket on my S3 named dl.mysite.com. I want to have it so that when somebody clicks a link such as http://dl.mysite.com/file.pdf, it grabs it from the S3 bucket.

Within my management dashboard for Netlify, I'm able to create a custom subdomain (dl.mysite.com), and it directs me to do the following:

Point dl CNAME record to obfuscated-url-d6f26e.netlify.com Log in to the account you have with your DNS provider, and add a CNAME record for dl pointing to obfuscated-url-d6f26e.netlify.com.

In the past, when I used AWS exclusively to host the app and manage DNS, this was easily accomplished by just creating an Alias record in Route53 for the subdomain and pointing it to my bucket.

How can I accomplish this now that Route53 doesn't handle my DNS? Is it still possible to point that subdomain at a particular S3 bucket?

Answer 1

disclaimer: I work for Netlify.

Netlify is intended to host web content, not proxy entirely to S3 buckets. Using it as you describe may work but is against our terms of service which specifically state that we intend to host websites with html content for people to browse, not computers. If that is literally all you want to do - serve content out of that S3 bucket, then I wouldn't bother with the intermediate step of using Netlify at all here. It's another point of failure that doesn't buy you much to put us between your visitors and S3. One more reasonable way to do it is the way @thomas above suggested.

However, if you want to use Netlify's DNS hosting for your domain since we host other site(s) for you, you can absolutely still use our DNS to set up a hostname that points directly to S3 - no terms of service violation there as we don't limit your use of our DNS service. Many customers have us host DNS for domains where there is one website on netlify and a dozen elsewhere. To configure this, I'd instead set that record as a CNAME to the S3 hostname, and handle any SSL certificate on AWS' side. This will work well and if it doesn't our tech support team will be happy to help you out.

In a third situation, if you want to serve some content at that hostname from S3 (e.g. PDF's) and then some other content (e.g. your website html files that link to PDF's), that is legit! We'll be happy to proxy to your S3 content. For instance, you can set up a (reverse) proxy to /files/* on S3 like this, in a /_redirects file:

/files/* http://aws-bucket-hostname/:splat 200!

This says "load all files from Netlify EXCEPT /files/* which should instead come from S3 with a path matching the part after /files/ in the URL". In this case we WILL handle the SSL certificate for you since we terminate the browser connection instead of S3.

More docs on that functionality here:

https://www.netlify.com/docs/redirects/

Answer 2

In order to use Static Hosting on S3 (allowing for your bucket to be a domain name), you can only use an alias on Route 53.

You can however use CloudFront to serve files using a domain name of your choice.

I would say your options are:

1. Switch back to using Route 53
2. Use CloudFront in-front of your S3 bucket
3. Just use the S3 bucket link

(Considering how many browsers obscure the address and that people don’t really care, I would go with option 3 personally.)