1

I am looking to host a private website(html,js,css) in an S3 bucket and i want this website to be accessible only by aws accounts specified by me.

I read the question here - Restrict access to website hosted on S3.

The accepted answer says i can restrict access to a particular aws account. But another answer says i cannot restrict by account.

the main objective here is to give the url from the static website provided by amazon to give access to certain aws accounts. Only authenticated aws accounts can access the site.

What i found on research shows that an S3 with website hosting enabled cannot have such restrictions and needs to be public. Just wanted to know if there any workarounds.

I did look into serving with cloudfront signed urls but i cannot seem to authorise only certain aws accounts access. But this could be because i havent understood the concept completely. Or perhaps aws Cognito.

C0d3ine
  • 379
  • 1
  • 3
  • 14
  • What do you mean by "accessible only by aws accounts specified by me"? Would you be willing for authentication information to be part of the URL? Otherwise, S3 would not know who is accessing the account. Normally, if using AWS credentials, access to data in S3 would be via the AWS CLI rather than a request to a website URL. – John Rotenstein Dec 09 '18 at 12:52

1 Answers1

0

Making a private website hosting is clearly documented here,

https://medium.com/@pvinchon/private-static-website-hosting-on-aws-s3-54664725b9e7

Once you have the website, enable the policy as below,

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Sid": "Example permissions",
         "Effect": "Allow",
         "Principal": {
            "AWS": "arn:aws:iam::AccountB-ID:root"
         },
         "Action": [
            "s3:GetBucketLocation",
            "s3:ListBucket"
         ],
         "Resource": [
            "arn:aws:s3:::examplebucket"
         ]
      }
   ]
}

Hope it helps.

Kannaiyan
  • 12,554
  • 3
  • 44
  • 83