Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Making S3 static web hosting content private

I want to be able to publish test reports to S3 and have it accessible to the URL sent at the end of the Drone build.

Is it possible to have the S3 static site not view-able by anyone? So its only accessible by people who can already access resources in the VPC using a VPN.

I read that the content must have public read access, so checking if that is avoidable.

like image 612
Tom Bailey Avatar asked Aug 20 '18 15:08

Tom Bailey


People also ask

Can we host static website on private S3 bucket?

Yes: Set up the static website as normal, Add a VPC endpoint for S3, Use a bucket policy to deny all but traffic from your VPC.

Can S3 be made private?

By default, all S3 buckets are private and can be accessed only by users who are explicitly granted access. Restrict access to your S3 buckets or objects by doing the following: Writing IAM user policies that specify the users that can access specific buckets and objects.

How do I make my S3 private?

Sign in to the AWS Management Console and open the Amazon S3 console at https://console.aws.amazon.com/s3/ . In the Bucket name list, choose the name of the bucket that you want. Choose Permissions. Choose Edit to change the public access settings for the bucket.


1 Answers

Yes:

  • Set up the static website as normal,
  • Add a VPC endpoint for S3,
  • Use a bucket policy to deny all but traffic from your VPC.

Here is a good article describing it in more detail: https://blog.monsterxx03.com/2017/08/19/build-private-staticwebsite-on-s3/

like image 67
Matt D Avatar answered Sep 28 '22 09:09

Matt D