Is it possible to use Cloudflare + AWS S3 without setting up S3 static hosting?

I’ve got small static JSON files sitting in an AWS S3 bucket that my (hybrid PhoneGap/Cordova) mobile app needs to read from (not write). I want to use Cloudflare between them. I know there are plenty of articles about static website hosting with this combination but I’m wondering if that’s overkill for this? i.e. can I just connect Cloudflare to my S3 bucket without configuring all the static hosting stuff on S3, and if so how?

The JSON files are public and that’s fine, I don’t need to restrict access to just the app.

Thanks

Why that exactly?

Not sure what that configuration would be, but you basically need AWS to respond to a regular domain host. If that is possible you can simply point Cloudflare to it.

I’ve seen a Workers recipe that pulls data from a readable bucket. I’m having difficulty with search at the moment.

Serve S3 images from your own domain (no CORS needed) possibly?

Possibly, but I that one still looks like it’s using your domain (static hosting) for the source URL.

Was the best I could come up with, sorry :man_shrugging: My experience with AWS and workers is equally semi-non-existent :smile:

I guess workers might be a bit of an overkill for that use case. Depending on how important caching is I’d leave Cloudflare completely out of the picture in this case, but if not I’d simply associate a domain and be done with it rather than also force workers into the proxied equation for a simple text file :slight_smile:.

I’ve set up a bucket for static hosting for just the cost of the bucket. Set it to static host a subdomain, then CNAME it and set to :orange: and Flexible SSL via page rule.

This is where @sandro blows a fuse at the mention of Flexible SSL. :crazy_face:

1 Like

Fl, fl, fle, flex, no way :laughing:

Thanks guys. I want to use Cloudflare in front of S3 rather than S3 direct, because of the global caching and the free Cloudflare plan to save on bandwidth. My app just needs to load in some static JSON files. How do I configure Cloudflare to allow this? Do I need a custom domain?

Anyway if this is not possible I can just set up my S3 bucket for static site hosting but it seemed a bit overkill just to privately (i.e. from the app) access a few JSON files.
Thanks

Well, you need a domain to access Cloudflare in the first place. If you want things simple you should simply set up that domain on Amazon as well, in which case you can simply proxy through at no additional charge. If that is not possible you’d need to go the worker way @sdayman suggested, in which case you can proxy to any random URL but that will be additionally charged.

Thanks - sorry how do I / what do you mean by “set up that domain on Amazon as well” - the articles re static hosting with S3 and Cloudflare say bucket name has to equal domain name, is that it?

And also “simply proxy through”? I’m just trying to clarify if I can basically put the original S3 URL to my bucket into Cloudflare somehow, but I guess not, there has to be my own domain in there somewhere (which is fine) and therefore I have to set up full S3 static site hosting? Just trying to work out the simplest way of doing this…
Thanks

No idea I am afraid, not familiar with AWS and its configuration at all. You basically need to map the same domain you configure on Cloudflare to that bucket or whatever they call it.

The moment you can access the file on AWS via your domain, you simply add that domain to Cloudflare and configure its DNS settings in Cloudflare’s control panel in a way so that they point to Amazon. That should be it in theory.

1 Like

I actually just set this up - you don’t need to enable “static hosting” on a S3 bucket as long as the bucket name is the same as the FQDN;

So if you want wow.example.com as the custom domain:

  • create a bucket named exactly wow.example.com
  • go to Cloudflare -> DNS tab and create a CNAME. Name is wow and target is wow.example.com.s3.us-east-1.amazonaws.com

Note: replace us-east-1 with the region where you created your S3 bucket.

Now I would recommend creating a page rule that matches wow.example com/* so that you can set “cache level” to “cache everything” (also set “SSL” to “Full”)

9 Likes

That’s sounding more familiar. And then I…put flexible SSL in front of that because Amazon doesn’t SSL their buckets. Right?

And thats when Amazon stopped being an option :wink:

1 Like

Edited the post, you can do “full” ssl, just not “full strict” since their SSL certificate is *.s3... and the wildcard cert won’t work with 3 extra levels of DNS.

1 Like

In this case it doesnt even seem to be a level issue but will simply be a mismatch of the common name. But yes, non-strict full should work as long as there is a certificate.

@Judge Thanks - that’s what I was looking for, so do I need to actually buy/own a custom domain, or can I just make one up to tie together the S3 bucket and CNAME on Cloudflare?

The domain doesn’t need to be bought through Amazon or anything, but it does need to be registered and active on Cloudflare (via any registrar). As long as the bucket name matches what shows up in a browser, and the CNAME is set up like above, it should work.

1 Like

This topic was automatically closed after 14 days. New replies are no longer allowed.