AWS/S3 – Static Web Site

 

Background

Reading through AWS/S3 documentation and wanted to see possible gotchas with its Static Website functionality.

 

Outline

  1. Preparation
    • Prepare Static Web Files
      • As this is a sample, we will rip off someone’s work
        • Specifically, “Static website to use with Cloud Academy labs” ( Link )
  2. Amazon/AWS
    • S3
      • Create S3 Bucket
      • Configure
        • Static Web Site
        • Permissions
          • Access Control List
            • Public Access/Everyone
              • List Objects
              • Read Permissions
          • Bucket Policy
            • Enter a generic bucket policy that grants read object permission to the object and its contents
      • Upload Artifacts
        • Using S3 Client upload website files to S3 Bucket

Preparation

Introduction

In most cases, one will thoroughly develop original website artifacts.

Carefully put together HTML, Cascading Style Sheet ( CSS ), Image, and JavaScript Files.

 

Stolen Web Site

This is not one one of those times as I lack any originality bone.

Went online and wasted a couple of hours looking for static web sites.

 

Cloud Academy

The best one I found is :-

cloudacademy/static-website-example
Link

Download Artifacts

Download the artifact

Extract

The artifact is a compressed zip file.

Using 7-Zip extracted the files.

 

Amazon/AWS

Console

Using a web browser, connected to the AWS Console.

S3

From the list of services, chose S3.

S3 Bucket

S3 Bucket – Create

Created a new S3 Bucket.

S3 Bucket – Create – Outline
  1. Tab :- Name and Region
    • Please offer a unique bucket name
    • Please choose the region
  2. Tab :- Configure Options
    • Versioning
      • Versioning is left at default of OFF
        • Test Site, no need for versioning
        • For actual site, will use GitHub for Development purpose
    • Server Access Logging
      • Server Access Logging is left at default of OFF
      • If actual site, will enable to track usage
    • Tags
      • Tagging is useful, but definitely not essential
      • Lone Tag
        • Usage –> website
  3. Tab :- Permissions
    • Public Access
      • Turn off block “Public Access
  4. Tab :- Review
    • Review options
S3 Bucket – Name

Please keep in mind that there are some hard rules in terms of naming a bucket.

Some of those rules are :-

  1. The bucket name has to be world unique
  2. It can not contain any upper case character
S3 Bucket – Region

Please choose a region that is proximate to other services that you will be hosting and to your customers.

 

Images

Image – Create Bucket – Tab – Name and Region

 

Image – Create Bucket – Tab – Configure Options

 

Image – Create Bucket – Tab – Set Permissions

 

Image – Create Bucket – Tab – Review

S3 Bucket – Property

Image

Here is our properties upon creating a new bucket with the choices we chose.

S3 Bucket – Property – Static website Hosting

Please choose the “Static website hosting” choice.

Outline
  1. Endpoint
  2. We have the following choices for Static website hosting
    • Use this bucket to host a website
      • The choice we want
    • Redirect Requests
      • Forward HTTP requests to another URL
    • Disable website hosting
      • Default Choice
Image
Image – Disable website hosting

Image – Use this bucket to host a website ( before filling out data )

Image – Use this bucket to host a website ( data filled out )

S3 Bucket – Permissions – Access Control List ( ACL )

S3 Bucket – Permissions – Outline
  1. Within the Bucket, please choose Permissions
  2. Within the Permissions, please choose Access Control List’
  3. Please access the “Public access” Group
  4.  Public Access Group
    • On the “Everyone” group, please check radio button
    • Everyone Group
      • In the “Access the Objects” group-box
        • Check the “List Objects” option
        • Leave the “Write Objects” option off
      • In the “Buckets ACL” group-box
        • Check the “Read buckets permissions” option
        • Leave the “Write buckets permissions” option off
S3 Bucket – Permissions – Images
S3 Bucket – Permissions – Access Control List – No Public Access

 

S3 Bucket – Permissions – Access Control List – Everyone ( Initial )

 

S3 Bucket – Permissions – Access Control List – Access to Objects

 

S3 Bucket – Permissions – Access Control List – Access to Bucket’s ACL

 

S3 Bucket – Permissions – Bucket Policy

Outline
  1. Within the Bucket, please choose Permissions
  2. Within the Permissions, please choose Bucket Policy
  3. Please paste a generic bucket policy
    • Ensure that the bucket’s name is explicitly noted
Policy
Actual Policy

Here is the policy we used :-


{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadForGetBucketObjects",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::cloudacademylabswebsitestaticexamplebyda/*"
        }
    ]
}

 

Explanation
  1. Version :- 2012-10-17
  2. Statement
    • Sid :-
      • Statement ID
      • Sample :- PublicReadForGetBucketObjects
    • Effect
      • Syntax :- Allow
    • Principal
      • Syntax :- *
    • Action :-
      • Syntax :- s3:GetObject
    • Resource :-
      • Syntax :- arn:aws:s3:::[bucket-name]/*
      • Sample :- arn:aws:s3:::cloudacademylabswebsitestaticexamplebyda/*
Images
Image – Policy Empty

 

Image – Policy Entered

 

S3 Bucket – Upload Material

Using an S3 Client please upload the website artifacts.

S3 Browser

Our quick tool for S3 Bucket management is S3 Browser.

Launched it and uploaded the extracted files.

Please keep in mind to maintain the folder structure.

S3Browser.01.20190527.1112AM.PNG

Summary

Again, no work here.

Stole code from Cloud Academy ( https://github.com/cloudacademy/static-website-exampleLink ).

References

  1. AWS
    • AWS Documentation » Amazon Simple Storage Service (S3) » Developer Guide » Hosting a Static Website on Amazon S3 » Example Walkthroughs – Hosting Websites on Amazon S3 »
      • Example: Setting up a Static Website
        Link
    • AWS Documentation » Amazon Simple Storage Service (S3) » Developer Guide » Managing Access Permissions to Your Amazon S3 Resources » Using Bucket Policies and User Policies » Bucket Policy Examples
      • Bucket Policy Examples
        Link
    • AWS Security Blog
      • Kai Zhao
        • IAM Policies and Bucket Policies and ACLs! Oh, My! (Controlling Access to S3 Resources)
          Link

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s