Access to my S3 websites using OpenVPN

0

Hello, nice to meet you. As part of some changes on my cloud I would like to implement VPN access for my S3 websites running on my DEV environment, because right now they are public and only accessed from the CloudFront distribution. Right now the connection involves:

1- One CloudFront distribution
2- One S3 bucket with static hosting enabled
3- OpenVPN server running on my cloud

Also on top of this I have AWS WAF,

2 Answers
0

As you're already using WAF, set up web access control lists (web ACLs) to limit access to just a range of IPs that matches your VPN: https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html

Then apply this to the CloudFront distribution.

You can also restrict access using CloudFront directly: https://repost.aws/knowledge-center/cloudfront-access-to-amazon-s3

EXPERT
Steve_M
answered 8 months ago
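
One way to sanity-check the IP allowlist from the answer above before attaching it to the distribution (an added example, not part of the original answer and not AWS code): it builds request bodies in the shape of the WAFv2 CreateIPSet and CreateWebACL calls and evaluates sample source IPs locally. The function names, ACL name, ARN and addresses are constructed placeholders, and it assumes VPN client traffic leaves for the internet from a fixed public IP.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def _visibility(metric):
    return {"SampledRequestsEnabled": True, "CloudWatchMetricsEnabled": True, "MetricName": metric}

def build_vpn_only_acl(egress_cidrs, ip_set_arn, name="dev-vpn-only"):
    """Return (ip_set, web_acl) dicts shaped like WAFv2 CreateIPSet and
    CreateWebACL inputs. Nothing is sent to AWS."""
    addresses = []
    for cidr in egress_cidrs:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits, e.g. 1.2.3.4/24
        if net.version != 4:
            raise ValueError(f"{cidr}: this sketch builds an IPV4 set only")
        if net.prefixlen == 0:
            raise ValueError(f"{cidr}: WAF IP sets do not accept /0")
        if any(net.overlaps(private) for private in RFC1918):
            # CloudFront sees the public address the traffic leaves from,
            # never the VPN tunnel pool (for example 10.8.0.0/24).
            raise ValueError(f"{cidr}: private range, use the VPN's public egress IP")
        addresses.append(str(net))
    ip_set = {"Name": f"{name}-ips", "Scope": "CLOUDFRONT",
              "IPAddressVersion": "IPV4", "Addresses": addresses}
    web_acl = {
        "Name": name,
        "Scope": "CLOUDFRONT",              # CloudFront-scoped ACLs are created in us-east-1
        "DefaultAction": {"Block": {}},     # anything not matched below is refused
        "Rules": [{
            "Name": "allow-vpn-egress",
            "Priority": 0,
            "Statement": {"IPSetReferenceStatement": {"ARN": ip_set_arn}},
            "Action": {"Allow": {}},
            "VisibilityConfig": _visibility("allowVpnEgress"),
        }],
        "VisibilityConfig": _visibility("devVpnOnly"),
    }
    return ip_set, web_acl

def decide(client_ip, ip_set, web_acl):
    """Local model of the ACL above: allow when the source IP is in the set,
    otherwise apply the default action."""
    addr = ipaddress.ip_address(client_ip)
    if any(addr in ipaddress.ip_network(c) for c in ip_set["Addresses"]):
        return "ALLOW"
    return next(iter(web_acl["DefaultAction"])).upper()

# Constructed placeholder ARN for the sample run; not a real resource.
SAMPLE_ARN = "arn:aws:wafv2:us-east-1:111122223333:global/ipset/dev-vpn-only-ips/EXAMPLE-ID"
```

The two dicts can be passed as keyword arguments to the corresponding WAFv2 client calls once the real IP set ARN is known.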
0

If you want to access S3 buckets outside of CloudFront and only from your VPN, you could use something like a VPC S3 gateway endpoint and, on the buckets, only allow access from specific VPC endpoints.

https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies-vpc-endpoint.html

EXPERT
answered 8 months ago
