rubyamazon-web-servicesamazon-cloudfrontaws-sdk-ruby

How do you create an AWS Cloudfront Distribution that points to an S3 (static hosted) Website Endpoint using the SDK?


I have an S3 bucket configured as a website endpoint to host a static web page.

I want to put Cloudfront in front of it.

I copied the "Endpoint" from the S3 Bucket's "Properties" :: "Static Website Hosting."

It is of the form: "example.com.s3-website-us-east-1.amazonaws.com"

When I try to create_distribution using the Aws SDK CloudFront Client I get this Error:

Aws::CloudFront::Errors::InvalidArgument 
The parameter Origin DomainName does not refer to a valid S3 bucket.

Example Ruby Code is as follows:

cloudfront = Aws::CloudFront::Client.new()
cloudfront.create_distribution({
  distribution_config: {
    ...
    origins: {
      quantity: 1,
      items: [{
        id: "Custom-example.com.s3-website-us-east-1.amazonaws.com",
        domain_name: "example.com.s3-website-us-east-1.amazonaws.com",
        s3_origin_config: {
          origin_access_identity: ""
        },
        origin_path: ""
      }]
    },
    ...
  }

})

I am able to create a distribution with the same "Origin Domain Name" through the GUI as well as through the CLI

aws cloudfront create-distribution \
  --origin-domain-name example.com.s3-website-us-east-1.amazonaws.com \
  --default-root-object index.html

Solution

  • Websites Endpoints that are statically hosted on an S3 bucket need to be configured as an "Origin Type" "custom_origin" and NOT S3_Origin. You can see that this is the case under the "Origins" Tab for the Distribution in the GUI.

    Sample Ruby Code:

        distribution_config: {
        ...
          origins: {
            quantity: 1,
            items: [{
              id: "Custom-example.com.s3-website-us-east-1.amazonaws.com",
              domain_name: "example.com.s3-website-us-east-1.amazonaws.com",
              custom_origin_config: {
                http_port: 80, # required
                https_port: 443, # required
                origin_protocol_policy: "http-only", # required, accepts http-only, match-viewer, https-only
              },
            }]
         ...
         }