AWS S3 web site with custom domain











up vote
0
down vote

favorite












I've successly deployed and application on AWS S3 with @ng-toolkit/serverless on the AWS generated endpoint. Now I want to use a custom domain I've purchased, in order to access the app from i.e. mydomain.com



Following the AWS guide I have to modify the policy bucket with the following JSON (I used mydomain.com):



{ "Version":"2012-10-17", 
"Statement":[
{
"Sid":"PublicReadGetObject",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::mydomain.com/*"]
}]
}


The problem is that when I save I got error with "Access denied" message.



I used both root user and generated secondary user (as AWS suggests) with AdministratorAccess permissions, but I'm unable to save the policy.










share|improve this question




























    up vote
    0
    down vote

    favorite












    I've successly deployed and application on AWS S3 with @ng-toolkit/serverless on the AWS generated endpoint. Now I want to use a custom domain I've purchased, in order to access the app from i.e. mydomain.com



    Following the AWS guide I have to modify the policy bucket with the following JSON (I used mydomain.com):



    { "Version":"2012-10-17", 
    "Statement":[
    {
    "Sid":"PublicReadGetObject",
    "Effect":"Allow",
    "Principal": "*",
    "Action":["s3:GetObject"],
    "Resource":["arn:aws:s3:::mydomain.com/*"]
    }]
    }


    The problem is that when I save I got error with "Access denied" message.



    I used both root user and generated secondary user (as AWS suggests) with AdministratorAccess permissions, but I'm unable to save the policy.










    share|improve this question


























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I've successly deployed and application on AWS S3 with @ng-toolkit/serverless on the AWS generated endpoint. Now I want to use a custom domain I've purchased, in order to access the app from i.e. mydomain.com



      Following the AWS guide I have to modify the policy bucket with the following JSON (I used mydomain.com):



      { "Version":"2012-10-17", 
      "Statement":[
      {
      "Sid":"PublicReadGetObject",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::mydomain.com/*"]
      }]
      }


      The problem is that when I save I got error with "Access denied" message.



      I used both root user and generated secondary user (as AWS suggests) with AdministratorAccess permissions, but I'm unable to save the policy.










      share|improve this question















      I've successly deployed and application on AWS S3 with @ng-toolkit/serverless on the AWS generated endpoint. Now I want to use a custom domain I've purchased, in order to access the app from i.e. mydomain.com



      Following the AWS guide I have to modify the policy bucket with the following JSON (I used mydomain.com):



      { "Version":"2012-10-17", 
      "Statement":[
      {
      "Sid":"PublicReadGetObject",
      "Effect":"Allow",
      "Principal": "*",
      "Action":["s3:GetObject"],
      "Resource":["arn:aws:s3:::mydomain.com/*"]
      }]
      }


      The problem is that when I save I got error with "Access denied" message.



      I used both root user and generated secondary user (as AWS suggests) with AdministratorAccess permissions, but I'm unable to save the policy.







      amazon-web-services amazon-s3 serverless-framework






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Nov 17 at 11:34

























      asked Nov 17 at 11:27









      Federico Viotti

      337




      337
























          2 Answers
          2






          active

          oldest

          votes

















          up vote
          0
          down vote













          It is possible to lock yourself out of a bucket with a bad policy (not sure if that applies to your case?). If so you can try the below CLI command (using the root users API key) to remove any existing bucket policy:



          aws s3api delete-bucket-policy --bucket mydomain.com



          If this is your issue, you should be able to insert a new bucket policy as normal now.






          share|improve this answer

















          • 1




            I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
            – Federico Viotti
            Nov 17 at 15:17




















          up vote
          0
          down vote













          If could help someone I finally get the solution changing the setting of the S3 bucket in Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false.
          Doing this I'm able to save the policy!






          share|improve this answer





















            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














             

            draft saved


            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53350777%2faws-s3-web-site-with-custom-domain%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote













            It is possible to lock yourself out of a bucket with a bad policy (not sure if that applies to your case?). If so you can try the below CLI command (using the root users API key) to remove any existing bucket policy:



            aws s3api delete-bucket-policy --bucket mydomain.com



            If this is your issue, you should be able to insert a new bucket policy as normal now.






            share|improve this answer

















            • 1




              I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
              – Federico Viotti
              Nov 17 at 15:17

















            up vote
            0
            down vote













            It is possible to lock yourself out of a bucket with a bad policy (not sure if that applies to your case?). If so you can try the below CLI command (using the root users API key) to remove any existing bucket policy:



            aws s3api delete-bucket-policy --bucket mydomain.com



            If this is your issue, you should be able to insert a new bucket policy as normal now.






            share|improve this answer

















            • 1




              I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
              – Federico Viotti
              Nov 17 at 15:17















            up vote
            0
            down vote










            up vote
            0
            down vote









            It is possible to lock yourself out of a bucket with a bad policy (not sure if that applies to your case?). If so you can try the below CLI command (using the root users API key) to remove any existing bucket policy:



            aws s3api delete-bucket-policy --bucket mydomain.com



            If this is your issue, you should be able to insert a new bucket policy as normal now.






            share|improve this answer












            It is possible to lock yourself out of a bucket with a bad policy (not sure if that applies to your case?). If so you can try the below CLI command (using the root users API key) to remove any existing bucket policy:



            aws s3api delete-bucket-policy --bucket mydomain.com



            If this is your issue, you should be able to insert a new bucket policy as normal now.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Nov 17 at 12:03









            MisterSmith

            803511




            803511








            • 1




              I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
              – Federico Viotti
              Nov 17 at 15:17
















            • 1




              I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
              – Federico Viotti
              Nov 17 at 15:17










            1




            1




            I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
            – Federico Viotti
            Nov 17 at 15:17






            I tried your command @MisterSmith but unfortunately didn't resolve my problem. Finally I get the solution changing the setting inside Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false. Doing this I'm enable to save the policy.
            – Federico Viotti
            Nov 17 at 15:17














            up vote
            0
            down vote













            If could help someone I finally get the solution changing the setting of the S3 bucket in Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false.
            Doing this I'm able to save the policy!






            share|improve this answer

























              up vote
              0
              down vote













              If could help someone I finally get the solution changing the setting of the S3 bucket in Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false.
              Doing this I'm able to save the policy!






              share|improve this answer























                up vote
                0
                down vote










                up vote
                0
                down vote









                If could help someone I finally get the solution changing the setting of the S3 bucket in Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false.
                Doing this I'm able to save the policy!






                share|improve this answer












                If could help someone I finally get the solution changing the setting of the S3 bucket in Permissions -> Public access setting -> Manage public bucket policies -> Block new public bucket policies = false.
                Doing this I'm able to save the policy!







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered 19 hours ago









                Federico Viotti

                337




                337






























                     

                    draft saved


                    draft discarded



















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53350777%2faws-s3-web-site-with-custom-domain%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    A CLEAN and SIMPLE way to add appendices to Table of Contents and bookmarks

                    Calculate evaluation metrics using cross_val_predict sklearn

                    Insert data from modal to MySQL (multiple modal on website)