@ncano might know what’s up with that. Literal value images.example.com.s3-website-us-east-1.amazonaws.com passes the inital hostname test, and resolves. But as soon as I attempt a Save it says it’s an invalid host. I tried setting match for Hostname EQUALS, and also tried Path CONTAINS.
Thanks for reporting! We’re aware that *.s3-website-{region} hostnames are not passing the validation right now. Current workaround is to use another accepted URL format (for example, *.s3-website.{region}) while we’re fixing this.
It seems that “s3-website-{region}” hostnames was fixed. But I have another issue with website cloud connector:
While I’m trying to set “s3-website-{region}” hostname - getting an error.
“No quota has been allocated for this zone or for this account. If you’re already a paid SSL for SaaS customer, please contact your Customer Success Manager for additional provisioning. If you’re not yet enrolled, please fill out this form and someone from our sales team will contact you: https://www.cloudflare.com/plans/enterprise/contact/. (Code: 1404)”
and popup with “In order for your rule to work, you need to proxy the DNS records of your domain (or subdomain) through Cloudflare.” with button proceed anyway.
dns for domain is already proxied through cloudflare
if “I proceed anyway” website starts redirected too many times from “https” to “http” and back.
Thank you for the report, we are aware of this and are actively working on a fix. These are actually two different issues:
“s3-website-{region}” hostnames are now accepted, but the HTTPS fix hasn’t been released yet.
When a rule is submitted for deployment, we are now trying to validate if the hostname your rule is targeting (if any) exists in your account and is orange-clouded. To do this, we query DNS records and Cloudflare for SaaS custom hostnames in your zone. The SSL for SaaS error originates from this flow, and we’re working on performing this check more gracefully.