Overview
You can use this document to learn how to set a public AWS S3 bucket as the origin for a CDN site.
At a high level, you must:
- Update your bucket's permission
- Create or update a CDN site
You will be required to use the StackPath API if you would like to use a private AWS S3 bucket as the origin for a CDN site. Please see the create a site or update an origin endpoint, where you will finds the origin object fields requesting your S3 bucket keys to be used within your API call.
Step 1: Update your bucket's permissions
To allow the StackPath CDN to access your bucket, you must update your bucket's access permissions through the access control list.
- In the AWS console, navigate to the S3 section.
- Locate and select the desired bucket.
- Click the Permissions tab.
- Scroll down to the Access control list (ACL) section, and then click Edit.
- Under Objects, mark List for Everyone (public access) to allow public access to view objects.
- At the bottom of the screen, mark the box to accept the warning, and then click Save changes.
- To learn more about bucket permissions and policies, visit the AWS documentation site.
- To configure the bucket permission differently and only allow select access to your object, review the list of IP addresses to allow. To learn more, see IP Blocks.
Step 2: Add a bucket as the site origin
You can:
- Create a CDN site and add an AWS S3 bucket as the origin
- Update an existing CDN site to add an AWS S3 bucket as the origin
Option 1: Create a CDN site
- In the StackPath Control Portal, in the left-side navigation, click Sites.
- Click Create Site.
- Based on your preferred integration method, click Full Site or Static Assets.
- In Domain Name, enter a domain name. You can enter a fully qualified domain name or the name of the bucket.
- For example, for a bucket named stackpathtesting in the us-east-2 region, you would enter stackpathtesting.s3.us-east-2.amazonaws.com. Enter a domain with your actual bucket name and region.
- Mark CDN, and then click Set Up Your Origin.
- Under Hostname/IP Address, enter the bucket URL.
- For example, for a bucket named stackpathtesting in the us-east-2 region, you would enter stackpathtesting.s3.us-east-2.amazonaws.com. Enter a bucket URL with your actual bucket name and region.
- You can use enter bucket name in the formats stackpathtesting.s3.us-east-2.amazonaws.com or s3.us-east-2.amazonaws.com/stackpathtesting if you want to enter the path to the bucket instead.
- Select an authentication type to connect to your origin if it is password protected.
-
Select Yes to input a username and password that will be passed through basic HTTP authentication, if required by your origin server.
- Select No not to pass an authentication to the origin server.
-
- (Optional) Add a custom domain.
- Click Confirm Origin Address.
- Select an SSL method and follow the on-screen instructions. When you are finished, click Confirm SSL Method.
- Update your DNS using the on-screen instructions. When you are finished, click Complete Setup.
- This will take you to the Overview page.
- In the left-side navigation, click Settings.
- Review the Host Header to confirm that the bucket URL is selected and displayed.
- If you are using the path format (s3.us-east-2.amazonaws.com/stackpathtesting) of the bucket URL for your Origin Address, then the Host Header will most likely be the bucket region (s3.us-east-2.amazonaws.com), not including the path.
- In the top, right corner of the screen, copy the Site's Edge Address, and then paste the address into a web browser.
- When you press Enter in the web browser, you should see an XML file that contains an index of all the objects within that bucket, which indicates that the CDN has access to your bucket.
- When you press Enter in the web browser, you should see an XML file that contains an index of all the objects within that bucket, which indicates that the CDN has access to your bucket.
- You can now serve your bucket objects over the CDN cache with http://cdn.url/path/to/bucket/object.
- Replace cdn.url with the Edge Address you copied earlier.
Option 2: Update an existing site
- In the StackPath Control, in the left-side navigation, click Sites.
- Locate and select the desired site.
- In the left-side navigation, click Settings.
- In the field next to Address, enter the bucket URL.
- For example, for a bucket named stackpathtesting in the us-east-2 region, you would enter stackpathtesting.s3.us-east-2.amazonaws.com. Enter a domain with your actual bucket name and region.
- Click Save.
- Review the Host Header to confirm that the bucket URL is selected and displayed.
- If you are using the path format (s3.us-east-2.amazonaws.com/stackpathtesting) of the bucket URL for your Origin Address, then the Host Header will most likely be the bucket region (s3.us-east-2.amazonaws.com), not including the path.
Next steps
After you create a CDN site with an S3 bucket, you can:
- Use your S3 bucket as a static website, and then serve the content over the CDN.
- To learn more, visit the AWS documentation site.
- Use the CDN for backup and storage, application hosting, media hosting, or software delivery.
- To learn more, visit the AWS documentation site.