Amazon S3 Redirect and Cloudfront

Matt Smith picture Matt Smith · Mar 30, 2014 · Viewed 51.6k times · Source

I'm trying to setup 301 redirects on S3 using objects, referenced here http://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html. I've been having some problems and can't seem to figure out what I'm doing wrong.

What I get is a blank page (0 byte file) as if the 'Website Redirect Location' metadata value is not set.

What am I doing wrong?

Also, does this work on AWS CloudFront?


My S3 Console Setup S3 Console Setup

Couple things to note:

I have this setup for hosting a static site. I'm using ssl/https with my own cert uploaded and set on the cloudfront distribution. All the pages seem to work except the redirecting objects. I've tried setting up routing rules but they didn't seem to work in Cloudfront.

I'm trying to access the redirects both through the cloudfront url and the s3 url (https://s3.amazonaws.com/{bucket}/users/sign_in)

Answer

Michael - sqlbot picture Michael - sqlbot · Mar 31, 2014

For web site-like functionality in S3, such as redirects, html error messages, and index documents, you can't use the REST endpoint (${bucket_name}.s3.amazonaws.com or ${bucket_name}.s3.${region}.amazonaws.com) since these features are only provided by the web site endpoints (${bucket_name}.s3-website.${region}.amazonaws.com).

http://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteEndpoints.html

To make the behavior available in Cloudfront, you need to configure Cloudfront to use this endpoint, as well, not the REST one offered via autocomplete in the console.

Enter the Amazon S3 static website hosting endpoint for your bucket. This value appears in the Amazon S3 console, on the Properties page under Static Website Hosting.

When you specify the bucket name in this format, you can use Amazon S3 redirects and Amazon S3 custom error documents.

http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistS3AndCustomOrigins.html

Note that the web endpoints do not support HTTPS, but you can configure Cloudfront to fetch from the bucket with HTTP even though the client connection is HTTPS.


Helpful tip: when troubleshooting and testing changes with CloudFront, users are often confused by the apparent "latency" between when you make changes and when CloudFront starts exhibiting the new behavior. In the case of error pages, CloudFront has a default 5 minute Error Caching Minimum TTL that prevents it from re-sending requests for failed pages to the origin, and this is a separate timer from the minimum/default/maximum TTL set in Cache Behavior. Particularly when testing, you may want to disable these timers and force a retry with each subsequent request of pages that returned errors, using the steps I provided in the answer to a question about apparent Amazon CloudFront Latency.