[英]Is it possible to use S3 Access Point as a static website?
I'm trying to figure out whether it is possible to use AWS S3 Access Point for hosting a static S3 website.我想弄清楚是否可以使用 AWS S3 访问点来托管静态 S3 网站。
S3WebsiteBucket.WebsiteURL
resource described below works great but I need to use Access Point instead.下面描述的S3WebsiteBucket.WebsiteURL
资源效果很好,但我需要改用接入点。
Failure message whenever I request the index file(URL is like https://my-access-point-0000000000.s3-accesspoint.eu-north-1.amazonaws.com/index.html ) is the following:每当我请求索引文件时的失败消息(URL 类似于https://my-access-point-0000000000.s3-accesspoint.eu-north-1.amazonaws.com/index.html )如下:
InvalidRequest The authorization mechanism you have provided is not supported. InvalidRequest 不支持您提供的授权机制。 Please use Signature Version 4.请使用签名版本 4。
My CloudFormation template:我的 CloudFormation 模板:
AWSTemplateFormatVersion: '2010-09-09'
Resources:
S3WebsiteBucket:
Type: AWS::S3::Bucket
Properties:
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: error.html
VersioningConfiguration:
Status: Enabled
S3WebsiteBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
PolicyDocument:
Id: AllowPublicRead
Version: 2012-10-17
Statement:
- Sid: PublicReadForGetBucketObjects
Effect: Allow
Principal: '*'
Action: 's3:GetObject'
Resource: !Join
- ''
- - 'arn:aws:s3:::'
- !Ref S3WebsiteBucket
- /*
Bucket: !Ref S3WebsiteBucket
S3AccessPoint:
Type: AWS::S3::AccessPoint
Properties:
Bucket: !Ref S3WebsiteBucket
Name: my-access-point
PublicAccessBlockConfiguration:
BlockPublicAcls: true
IgnorePublicAcls: true
BlockPublicPolicy: true
RestrictPublicBuckets: false
Is it possible to use S3 Access Point for such a task at all or it's not meant for public access(static websites)?是否可以将 S3 接入点用于此类任务,或者它不适用于公共访问(静态网站)? If that's possible, is there anything that I missed - perhaps S3AccessPoint needs its own IAM access policy?如果可能的话,有没有我遗漏的地方 - 也许 S3AccessPoint 需要自己的 IAM 访问策略?
My primary motivation for using S3 Access Point is to hide the original bucket name without using Route 53 and custom domains.我使用 S3 Access Point 的主要动机是在不使用 Route 53 和自定义域的情况下隐藏原始存储桶名称。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.