堆栈内存溢出
  简体   繁体   English

是否可以将 S3 接入点用作静态网站?

[英]Is it possible to use S3 Access Point as a static website?

 原文  2021-10-27 20:21:49       amazon-web-services/ amazon-s3/ amazon-cloudformation/ amazon-iam/ amazon-s3-access-points

问题描述

I'm trying to figure out whether it is possible to use AWS S3 Access Point for hosting a static S3 website.我想弄清楚是否可以使用 AWS S3 访问点来托管静态 S3 网站。

S3WebsiteBucket.WebsiteURL resource described below works great but I need to use Access Point instead.下面描述的S3WebsiteBucket.WebsiteURL资源效果很好,但我需要改用接入点。

Failure message whenever I request the index file(URL is like https://my-access-point-0000000000.s3-accesspoint.eu-north-1.amazonaws.com/index.html ) is the following:每当我请求索引文件时的失败消息(URL 类似于https://my-access-point-0000000000.s3-accesspoint.eu-north-1.amazonaws.com/index.html )如下:

InvalidRequest The authorization mechanism you have provided is not supported. InvalidRequest 不支持您提供的授权机制。 Please use Signature Version 4.请使用签名版本 4。

My CloudFormation template:我的 CloudFormation 模板:

AWSTemplateFormatVersion: '2010-09-09'
Resources:
  S3WebsiteBucket:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: PublicRead
      WebsiteConfiguration:
        IndexDocument: index.html
        ErrorDocument: error.html
      VersioningConfiguration:
        Status: Enabled

  S3WebsiteBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      PolicyDocument:
        Id: AllowPublicRead
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: '*'
            Action: 's3:GetObject'
            Resource: !Join
              - ''
              - - 'arn:aws:s3:::'
                - !Ref S3WebsiteBucket
                - /*
      Bucket: !Ref S3WebsiteBucket

  S3AccessPoint:
    Type: AWS::S3::AccessPoint
    Properties:
      Bucket: !Ref S3WebsiteBucket
      Name: my-access-point
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        IgnorePublicAcls: true
        BlockPublicPolicy: true
        RestrictPublicBuckets: false

Is it possible to use S3 Access Point for such a task at all or it's not meant for public access(static websites)?是否可以将 S3 接入点用于此类任务,或者它不适用于公共访问(静态网站)? If that's possible, is there anything that I missed - perhaps S3AccessPoint needs its own IAM access policy?如果可能的话,有没有我遗漏的地方 - 也许 S3AccessPoint 需要自己的 IAM 访问策略?

My primary motivation for using S3 Access Point is to hide the original bucket name without using Route 53 and custom domains.我使用 S3 Access Point 的主要动机是在不使用 Route 53 和自定义域的情况下隐藏原始存储桶名称。

1 个解决方案

解决方案1
 1 已采纳  2021-10-28 05:49:00

Sadly you can't do this , as S3 website mode is for buckets only (not access points) .遗憾的是,您不能这样做,因为 S3 网站模式仅适用于存储桶(而非访问点)。 From docs :文档

Amazon S3 website endpoints do not support HTTPS or access points . Amazon S3 网站终端节点不支持 HTTPS 或访问点

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 是否可以安全访问Amazon S3静态网站? - Securely access Amazon S3 static website? 限制 S3 静态网站访问 Cloudfront - Restrict S3 Static Website access to Cloudfront 如何将域指向 Aws S3 static 网站 - How to point a domain to Aws S3 static website 将AWS S3 Infrequent Access(IA)与Cloud Front一起用于静态网站资源是否是一种好习惯? - Is it a good practice to use AWS S3 infrequent Access (IA) with cloud front for static website resources? index.html Amazon S3 静态网站的访问被拒绝 - Access Denied for index.html Amazon S3 static website 限制对云前端分发背后的 s3 静态网站的访问 - Restrict access to s3 static website behind a cloudfront distribution 仅允许EC2实例访问S3上的静态网站 - Only allow EC2 instance to access static website on S3 如何限制对 Amazon s3 静态网站中单个文件的访问 - How to limit access to individual files in an Amazon s3 static website 如何将对静态s3网站的访问限制为VPN - How do I restrict access to a static s3 website to a VPN Amazon S3静态网站托管和REST API访问? - Amazon S3 Static Website Hosting and REST API Access?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM