3

I have set the acl for the origin access identity on all objects as read. I have set up the bucket policy for the OAI. The only way I can get the css, or anything else apart from the html, to work is if I reference it with the the full signed URL ie domain name/css/main.css?parameters of signed url, in the index.html. I have ensured that all files have the correct content type. Is this standard practice? Do I have to reference every image, css, js file this way with the signed url? I have been searching for days on this, so any help would be greatly appreciated. Thanks in advance.

bucket policy: { "Version": "2012-10-17", "Id": "PolicyForCloudFrontPrivateContent", "Statement": [ { "Sid": " Grant a CloudFront Origin Identity access to support private content", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity identity canoncal" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::bucket/*" } ] }

Improve this question
3
  • when you are not using the full s3 url, how are you referencing them? Commented May 30, 2014 at 18:30
  • Hi EJ,Thanks for the response. For example css: I tried referencing them relatively as you would normally. This is ok if it is public but when it's a private distribution it doesn't work. I then tried using just the domain name(base url) to reference them ie mysite.cloudfront.net/css/mystyle.css. This didn't work. I can access it by using the fully signed url ie mysite.cloudfront.net/css/mystyle.css?gggjggj.... It seems strange that every image, css, js file needs this. Commented May 31, 2014 at 13:34
  • My work around is this: I figure that I dont need to protect my css, image and js files. I created a new bucket and placed them all in there and made them public then referenced those from my private site. This works. This will probably suit me as I will be creating more buckets that can reference the same files. Commented May 31, 2014 at 13:36

1 Answer 1

Reset to default
2

My work around is this: I figure that I dont need to protect my css, image and js files. I created a new bucket and placed them all in there and made them public then referenced those from my private site. This works. This will probably suit me as I will be creating more buckets that can reference the same files.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Amazing, I couldn't find anything at all on stackoverflow about this. But this works for me too, if I have to use a second, public bucket to get my css urls to work, so be it.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.