Hosting a static website

Last updated 1 year ago

Was this helpful?

This page was generated from content adapted from the

Website endpoints

Important Amazon S3 website endpoints do not support HTTPS or access points. If you want to use HTTPS, you can use Amazon CloudFront to serve a static website hosted on Amazon S3. For more information, see To use HTTPS with a custom domain, see . Requester Pays buckets do not allow access through a website endpoint. Any request to such a bucket receives a 403 Access Denied response. For more information, see .

Note Some browsers display their own error message when an error occurs, ignoring the error document that Amazon S3 returns. For example, when an HTTP 404 Not Found error occurs, Google Chrome might ignore the error document that Amazon S3 returns and display its own error.

Note On the website endpoint, if a user requests an object that doesn't exist, Amazon S3 returns HTTP response code 404 (Not Found). If the object exists but you haven't granted read permission on it, the website endpoint returns HTTP response code 403 (Access Denied). The user can use the response code to infer whether a specific object exists. If you don't want this behavior, you should not enable website support for your bucket.
Important The following policy is an example only and allows full access to the contents of your bucket. Before you proceed with this step, review to ensure that you understand the best practices for securing the files in your S3 bucket and risks involved in granting public access.
Important If your bucket uses the bucket owner enforced setting for S3 Object Ownership, you must use policies to grant access to your bucket and the objects in it. With the bucket owner enforced setting enabled, requests to set access control lists (ACLs) or update ACLs fail and return the AccessControlListNotSupported error code. Requests to read ACLs are still supported.

Important To create redirection rules in the new Amazon S3 console, you must use JSON. For JSON examples, see .
Important To create redirection rules in the new Amazon S3 console, you must use JSON.

Last updated 1 year ago

Was this helpful?

This page was generated from content adapted from the

Important Amazon S3 website endpoints do not support HTTPS or access points. If you want to use HTTPS, you can use Amazon CloudFront to serve a static website hosted on Amazon S3. For more information, see To use HTTPS with a custom domain, see . Requester Pays buckets do not allow access through a website endpoint. Any request to such a bucket receives a 403 Access Denied response. For more information, see .

Note Some browsers display their own error message when an error occurs, ignoring the error document that Amazon S3 returns. For example, when an HTTP 404 Not Found error occurs, Google Chrome might ignore the error document that Amazon S3 returns and display its own error.

Note On the website endpoint, if a user requests an object that doesn't exist, Amazon S3 returns HTTP response code 404 (Not Found). If the object exists but you haven't granted read permission on it, the website endpoint returns HTTP response code 403 (Access Denied). The user can use the response code to infer whether a specific object exists. If you don't want this behavior, you should not enable website support for your bucket.
Important The following policy is an example only and allows full access to the contents of your bucket. Before you proceed with this step, review to ensure that you understand the best practices for securing the files in your S3 bucket and risks involved in granting public access.
Important If your bucket uses the bucket owner enforced setting for S3 Object Ownership, you must use policies to grant access to your bucket and the objects in it. With the bucket owner enforced setting enabled, requests to set access control lists (ACLs) or update ACLs fail and return the AccessControlListNotSupported error code. Requests to read ACLs are still supported.

Important To create redirection rules in the new Amazon S3 console, you must use JSON. For JSON examples, see .
Important To create redirection rules in the new Amazon S3 console, you must use JSON.