Access to my S3 websites using OpenVPN

0

Hello, nice to meet you. As part of some changes on my cloud I would like to implement VPN access for my S3 websites running on my DEV environment, because right now they are public and only accessed from the CloudFront distribution. Right now the connection involves:

1. One CloudFront distribution
2. One S3 bucket with static hosting enabled
3. OpenVPN server running on my cloud

Also on top of this I have AWS WAF,

2 Answers
0

As you're already using WAF, set up web access control lists (web ACLs) to limit access to just a range of IPs that matches your VPN: https://docs.aws.amazon.com/waf/latest/developerguide/web-acl.html

Then apply this to the CloudFront distribution.

You can also restrict access using CloudFront directly https://repost.aws/knowledge-center/cloudfront-access-to-amazon-s3

EXPERT
Steve_M
answered 8 months ago
0

If you want to access S3 buckets outside of CloudFront and only from your VPN, you could use something like a VPC S3 gateway endpoint and on the buckets only allow access from specific VPC endpoints.

https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies-vpc-endpoint.html

EXPERT
answered 8 months ago
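The endpoint-only bucket policy suggested in the answer above, as an added example that is not part of either answer or of AWS's documentation. It builds a policy that denies anything not arriving through one VPC endpoint and audits an existing policy for that restriction; the bucket name, the endpoint ID and the `audit` helper are placeholders and assumptions, and the public policy is a constructed sample.

```python
import json

# Placeholder names (assumptions), not values from the thread.
BUCKET = "example-dev-site-bucket"
VPCE_ID = "vpce-EXAMPLE"

# Constructed sample: the usual public static-website policy.
PUBLIC_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject", "Resource": f"arn:aws:s3:::{BUCKET}/*"}]}

def vpce_only_policy(bucket, vpce_id):
    """Deny every request that does not arrive through vpce_id."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyUnlessFromVpce", "Effect": "Deny", "Principal": "*",
        "Action": "s3:*",
        "Resource": [f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"],
        "Condition": {"StringNotEquals": {"aws:SourceVpce": vpce_id}}}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit(policy, allowed_vpces):
    """Return findings for a bucket policy meant to be endpoint-only."""
    findings, public_allows, has_vpce_deny = [], [], False
    for stmt in _as_list(policy.get("Statement", [])):
        sid = stmt.get("Sid", "<no Sid>")
        cond = stmt.get("Condition", {})
        public = stmt.get("Principal") in ("*", {"AWS": "*"})
        if stmt.get("Effect") == "Allow" and public and not cond:
            public_allows.append(sid)
        if stmt.get("Effect") == "Deny" and public:
            # IAM condition key names are case-insensitive.
            for key, val in cond.get("StringNotEquals", {}).items():
                if key.lower() == "aws:sourcevpce":
                    has_vpce_deny = True
                    for extra in sorted(set(_as_list(val)) - set(allowed_vpces)):
                        findings.append(f"{sid}: unexpected endpoint {extra}")
    if not has_vpce_deny:
        findings.append("no Deny restricting aws:SourceVpce")
        findings += [f"{s}: unconditional public Allow" for s in public_allows]
    return findings

if __name__ == "__main__":
    print(json.dumps(vpce_only_policy(BUCKET, VPCE_ID), indent=2))
    print(audit(PUBLIC_POLICY, [VPCE_ID]))
```

The Deny applies to every principal, so requests that do not come through the endpoint, including console access and CloudFront, are rejected as well.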
