I'm trying to setup some redirects using route configurations on an S3 bucket. What I did is setup the static web hosting with this redirection rules
<RoutingRules>
<RoutingRule>
<Condition>
<KeyPrefixEquals>test/</KeyPrefixEquals>
</Condition>
<Redirect>
<ReplaceKeyPrefixWith>anothertest/</ReplaceKeyPrefixWith>
</Redirect>
</RoutingRule>
</RoutingRules>
So each requests to <my-s3-bucket>/test/* will be redirected to <my-s3-bucket>/anothertest/*
If I do this using the S3 static website URL it works, however if I do using the CloudFront URL that is associated with this origin it didn't. Is anything particular I need to do in order to make it work from CloudFront too? Also, I noticed that if I change the redirect target, say I don't want anothertest but alsoatest, the rule did not update properly and instead still redirects to anothertest, so is somehow caching the redirect
Related
So I created a website which shouldn’t be publicly accessible. Therefore I added the keycloak js adapter. Everything works as expected and I am redirected when entering the website url.
But there is a problem. If I use wget on the js/images/css etc. I still can access them because no javascript code is executed and no redirect is performed. How can I make sure that only authenticated users can access these resources? The website is hosted on nginx.
Expected is:
User tries to download file
User is redirected to keycloak if not authenticated.
Solved see comment under original post.
I'm trying to add Jenkins build status using the Embeddable Build Status plugin onto Github README.md file. I have SSO for Github and Jenkins and I assumed it will have the login info in the browser cookies or wherever it stored that info but looks like it doesn't work that way (The same URL works and picks up SSO info and doesn't prompt me when I open it from a browser. It just doesn't like Github pulling that info)
I see a 302 redirect on the Jenkins status badge link that is getting redirected to the SSO page and is expecting JS to be enabled for it to work which isn't possible on a Github README.md page (Even if that was possible I would not see a login prompt)
The console has a warning for this redirected URL request as Cross-Origin Read Blocking (CORB) blocked cross-origin response <the-URL> with MIME type text/html. See https://www.chromestatus.com/feature/5629709824032768 for more details.
I also set the Jenkins config to ViewStatus for anonymous uses based on JENKINS-17798 and I'm using the unprotected link but it still needs SSO
Is there a way I can fix this?
Read this first. Cors-Filter Plugin for Jenkins.
Before you go debugging. First make sure that CORS is enabled for the Jenkins instance. You can go to configure system in jenkins and then to CORS Filter:
A very short summary.
Access-Control-Allow-Origins - List domains that may access the jenkins url.
Access-Control-Allow-Headers - Headers that can be used to make actual request
Access-Control-Expose-Headers - List of headers browser are allowed to access.
Whenever one tries to go authenticating from one domain to another it usually gets redirected in jenkins if CORS Filter is not active. So try this first.
I'm trying to host a static site in S3 with ability to handle some dynamic content using Lambda/Api Gateway. Can't seem to be able to do that.
I want URLs to look like this:
example.com/index.html
example.com/images/*
example.com/css/*
example.com/api/* -> API Gateway
Also, when redirecting I'd like to keep the example.com as a root domain. I tried RoutingRules in S3, but redirects from the client. I need this to be transparent from the user, like proxying requests.
While Bob's answer is pretty neat for public websites and is simple but if you are looking for other alternates which can work for internal sites or don't want to use CDN, you can try following options.
Option 1 -
This is most common option people prefer. You just configure 2 different DNS hosts for static vs api.(Assuming you enable proper CORS for *.example.com)
example.com(S3) --> S3 static content
api.example.com(APIGateway) --> Lambda
Option 2 -
Example.com(APIGateway) --> /apigLambda -->Lambda
Example.com(APIGateway) --> /* --> S3 Bucket/S3 File.
API Gateway Configuration -
API Gateway S3 Backend Proxy -
Example API Urls -
https://xxx.execute-api.us-east-1.amazonaws.com/dev/apigLambda
https://xxx.execute-api.us-east-1.amazonaws.com/dev/myfilename.css
Reference -
https://docs.aws.amazon.com/apigateway/latest/developerguide/integrating-api-with-aws-services-s3.html
Note - In above reference Url, the bucket name is being accepted in Url Path but my example hides bucket name so users have no idea of S3 bucket name when they see API Gateway Url.
Option 3 -
As per your comment just use {proxy+} as resource for proxying S3 to support sub-folders calls but as you suggested, making just pass-through proxy doesn't give much options to transform HTTP response body which I believe still ok since you know your website content files.
You can configure this by putting a CloudFront distribution in front of both the API Gateway API and the S3 bucket for static content. This would also allow you to take advantage of CloudFront's edge caching.
I'm planning to host s3 website with following DNS.
S3 bucket name: example.com
S3 endpoint: example.com.s3-website.amazonaws.com
I also want to separate manual page for my service:
S3 bucket name: manual
S3 endpoint: manual.s3-website.amazonaws.com
When I enter example.com/manual, it should forward all request to my manual S3 but URL should not be changed.
For example, when I access, http://example.com/manual/en/index.html,
it should show manual.s3-website.amazonaws.com/en/index.html
but the URL should not be changed.
I tried to use redirection rules of 'Static website hosting' of bucket properties, but it just redirects to the my manual page (it changed the url).
And I'm using jekyll, but it doesn't support proxy forward unlike nginx.
Is there anything solution, guide, or example to refer?
It would be possible if you would use CloudFront. You don't have to change your S3-setup.
create an origin for each bucket
create a second Behavior for the manual path
And you're done.
This is how I set up redirection to the Amazon S3 site:
(Basically followed instructions from here)
Set up a bucket called www.mysite.com and configured it for static website hosting
In my Godaddy account, configured:
Added a CNAME entry for 'www' to point to the publicly accessible S3 site (like mysite.in.s3-website.amazonaws.com)
Added a forwarding rule (302 redirect) to make both mysite.com and www.mysite.com work - whenever someone types in mysite.com, it redirects (browser url bar changes) to www.mysite.com.
Coming to my actual problem - when I do a Google search, the pages are listed under the S3 site ( mysite.in.s3-website.amazonaws.com) - which I'd like to think of as an implementation detail. Is there something else I should do to get google recognize and show links under mysite.com ?