I would like to use a subdomain instead of the direct url to my s3 bucket at amazon.com. So instead of downloading images via an url like http://bucket-images.s3-eu-west-1.amazonaws.com/path/to/image.pngI would like to use http://assets.domain.com/path/to/image.png. I tried setting a CNAME like this:
CNAME assets domain.com bucket-images.s3-eu-west-1.amazonaws.com
But after setting this CNAME I receive such error from amazon, when I visit the domain:
<Error>
<Code>NoSuchBucket</Code>
<Message>The specified bucket does not exist</Message>
<BucketName>assets.domain.com</BucketName>
<RequestId>45646DFSDFSFASDF</RequestId>
<HostId>
dfasdcvcvd546456454ds5fasdf4ad5f64asdfasdfccdfgvggtg
</HostId>
</Error>
Over here they're telling to change the bucketname: https://forums.aws.amazon.com/message.jspa?messageID=237562
But that doesn't make sense. I worked on a project earlier, who used a bucketname totally different from the subdomain. So there has to be a way... Anyone who can help me out?
For S3 you need the CNAME and bucket name to match:
The bucket name must be the same as the CNAME. So http://images.johnsmith.net/filename would be the same as http://images.johnsmith.net.s3.amazonaws.com/filename if a CNAME were created to map images.johnsmith.net to images.johnsmith.net.s3.amazonaws.com
So in your specific example you need to name the bucket assets.domain.com.
http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingCustomURLs
If you need more flexibility, you can create a CloudFront distribution for your S3 bucket and assign a CNAME to your CloudFront distribution.
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html
Addtional to #Samuel Neff's information:
Just remember to name your AWS S3 bucket same as your Cloudflare CNAME record. Otherwise it will not work.
Here I tried and worked for me:
Converted
https://s3-eu-west-2.amazonaws.com/cdn.domain.com
to
http://cdn.domain.com
Related
I have a static website hosted on S3 which works fine when accessed through my bucket's endpoint. However, when I create a CloudFront distribution and try access it through using the CloudFront domain I keep getting the error below.
d1xu3mknlk0sbd.cloudfront.net
Code: NoSuchBucket
Message: The specified bucket does not exist
BucketName: d1xu3mknlk0sbd.cloudfront.net
RequestId: 656B653A2ED5B2B1
HostId: 9etNAX1XEJmbVKUAMylBDz3xEky+7RhAnr9b8HhpkIb9+pkMnn920v/MSAUjr78oyONEUdlba50=
I have set up my CloudFront origin domain name to the s3 url of my static site which works when I type it in the browser so why can't CloudFront find the bucket ...
Ended up solving this by changing my s3 bucket name from 'sample' to 'www.sample.com' .Strangely CloudFront started resolving the correct bucket name. Why this works remains a mystery ...
Following is what I'm doing. I'm generating a pre-signed URL using a custom domain for my s3 bucket resources which are not public.
https://files.customdomain.com/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
Also to add the certificate I've created a cloudfront distribution for the bucket having following origin settings
Origin Domain Name: bucket-name.s3.amazonaws.com
Origin Id : s3.bucket-name
Restrict Bucket Access: No
Yet I'm unable to access my resources. Throws access denied error. Any help would be appreciated.
There are two cases:
If your bucket has regular name.
In this case you should use CloudFront to access your bucket.
And like mentioned above URL looks like in this answer:
https://cloudfront-url/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
If your bucket has s3 static website name.
In this case your bucket name looks like files.customdomain.com and you can generate pre-signed url for this bucket:
https://files.customdomain.com/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
In your DNS you will have CNAME files.customdomain.com points to files.customdomain.com.s3.[bucket-region].amazonaws.com.
NOTICE
When I generate pre-signed URL via aws-cli:
aws s3 presign s3://files.customdomain.com/file123 --endpoint-url https://files.customdomain.com
I get URL with duplicate bucket name in the path:
https://files.customdomain.com/files.customdomain.com/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
instead of:
https://files.customdomain.com/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
I don't know if it has the same behavior via SDK.
Have you tried initializing S3 with the custom url var S3 = new AWS.S3({endpoint: 'media.domain.com', s3BucketEndpoint: true});
More info https://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html
Also, make sure signature is correct as well https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version
Ref : https://github.com/aws/aws-sdk-js/issues/891
When using S3 with CloudFront, you don't want an S3 signed URL... you want a CloudFront signed URL.
Read Configuring Security and Limiting Access to Content in the CloudFront developer guide.
I found a solution for this question. The signed url needs to be generated for cloudfront url endpoint from s3 bucket. Therefore instead of
https://files.customdomain.com/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
it needs to be
https://cloudfront-url/file123?AWSAccessKeyId=XXX&Expires=1541220685&Signature=XXXX
and DNS records had to resolve custom domain to cloudfront url.
I created a GCP storage bucket named for a domain managed by Google Domains. I have uploaded the files, created a CNAME record for c.storage.googleapis.com, and changed the ACLs to public-read. However, I'm still getting the error:
<Error>
<Code>NoSuchBucket</Code>
<Message>The specified bucket does not exist.</Message>
</Error>
Note that I wasn't asked to verify the domain when I created the bucket. I assume this is normal for a domain managed by Google Domains as it says "automatically verified."
I'm not sure how to debug this issue.
I got it. I just needed to add www. to the beginning of the bucket name.
In other words:
www.domain.com instead of domain.com
I was using s3 for for my static websites, we had three websites/paths in s3:
example.com
example.com/website1
example.com/website2
Website1 and Website2 were folders inside the bucket example.com as expected. But now we need https urls so we decided to go with aws cloudfront for the redirects. Cloudfront generated for example a url like this, https://123455678.cloudfront.net .
When I navigate to the url, it gets the example.com correctly, but when I try to put like https://123455678.cloudfront.net/website1 it seems like its not entering the /website1 path in the s3. So it gives me this error because it's not finding the index.html inside the /website1 path.
<Error>
<Code>AccessDenied</Code>
<Message>Access Denied</Message>
<RequestId>C5259E1658595A69</RequestId>
<HostId>
B1HYQsr0Xv4M1avKlJ3G8t0rkVfCvbOoJadxm5z1BwapblBeERm3c6Ni+jZWxB8FlXEaF6bUAik=
</HostId>
</Error>
I guess I have to do something in the origins and behaviours of my cloudfront distribution, but I can't figure out what to do there...
I fixed my problem by changing the origin domain name in my cloudfront distribution to my s3 bucket endpoint, located in the properties of my bucket in Static Website Hosting area.
Saved, waited for cloudfront to use the updated changes and it worked. Also my Default Root Object is set to index.html .
Hope it helps someone =)
This has also been posted in the AWS forum. But it's languishing a bit (and I'm in a hurry to solve this problem).
This question is with regard to a 'download' distribution, not 'streaming'.
I've recently signed up and created an Amazon S3 bucket and then created an Amazon CloudFront (CF) distribution out of that bucket. Here's the relevant info:
Bucket Name: stella_media
Folder In Bucket: visia
Which results in a working URL (with public-read access) like this: http://s3.amazonaws.com/stella_media/visia/720_125M_Zero_Dark_Thirty.mp4
So you'll see that if you use the above URL (and you're not using Firefox) it loads the MP4 video. All the media in my bucket is set to public-read.
My Problem Is With Access To The Same Content Via Cloudfront:
And my CF distrubution has the following properties:
Delivery Method: download
Distribution Status: deployed
Price Class: US & Europe
State: Enabled
Domain Name: d2322fq9z81lph.cloudfront.net
However, when I use the URL provided to me when I setup my CF distribution on that bucket I get a "noSuchKey" error: http://d2322fq9z81lph.cloudfront.net/stella_media/visia/720_125M_Zero_Dark_Thirty.mp4
<Error>
<Code>NoSuchKey</Code>
<Message>The specified key does not exist.</Message>
<Key>stella_media/visia/720_125M_Zero_Dark_Thirty.mp4</Key>
<RequestId>5E2FA36884444757</RequestId>
<HostId>
HiphTLuv4P2tiJemBRNvIGsq8DRbSCMocdAvm4oto9NVnnKNHuDZWuFHz+xyCt6B
</HostId>
</Error>
So ... exactly what URL am I supposed to be using to point to my video OR is there some sort of permissions setting that I've overlooked to make the content in my CF distribution public?
Thanks for any help.
For the benefit of any others that may come across this, I've figured this out.
Apparently CloudFront URL's DO NOT INCLUDE THE BUCKET NAME. So it would play out like so:
S3 URL
http://s3.amazonaws.com/stella_media/visia/720_125M_Zero_Dark_Thirty.mp4
CloudFront URL
http://d2322fq9z81lph.cloudfront.net/visia/720_125M_Zero_Dark_Thirty.mp4
Hopefully that helps anyone else from going out of their mind trying to figure out what's wrong.