No targets available when trying to set alias target from Route 53 to S3
I'm trying to setup a simple Amazon AWS S3 based website, as explained here.
I've setup the S3 bucket (simples3websitetest.com), gave it the (hopefully) right permissions:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AddPerm",
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::simples3websitetest.com/*"
]
}
]
}
I uploaded index.html, setup website access, and it is accessible via http://simples3websitetest.com.s3-website-us-west-2.amazonaws.com/index.html
So far so good, now I want to setup Amazon Route53 access and this is where I got stuck.
I've setup a hosted zone on a domain I own (resourcesbox.net), and clicked "create record set", and got to the "setup alias" step, but I get "No targets available" under S3 website endpoints when I try to set the alias target.
What did I miss??
The A-record alias you create has to be the same as the name of the bucket, because virtual hosting of buckets in S3 requires that the Host: header sent by the browser match the bucket name. There's not really another practical way in which virtual hosting of buckets could be accomplished... the bucket has to be identified by some mechanism, and that mechanism is the http headers.
In order to create an alias to a bucket inside the "example.com" domain, the bucket name is going to have to also be a hostname you can legally declare within that domain... the Route 53 A-Record "testbucket.example.com," for example, can only be aliased to a bucket called "testbucket.example.com" ... and no other bucket.
In your question, you're breaking this constraint... but you can only create an alias to a bucket named "simples3websitetest.com" inside of (and at the apex of) the "simples3websitetest.com" domain.
This is by design, and not exactly a limitation of Route 53 nor of S3. They're only preventing you from doing something that can't possibly work. Web servers are unaware of any aliasing or CNAMEs or anything else done in the DNS -- they only receive the original hostname that the browser believes it is trying to connect to, in the http headers sent by the browser ... and S3 uses this information to identify the name of the bucket to which the virtual hosted request applies.
Amazon S3 requires that you give your bucket the same name as your domain. This is so that Amazon S3 can properly resolve the host headers sent by web browsers when a user requests content from your website. Therefore, we recommend that you create your buckets for your website in Amazon S3 before you pay to register your domain name.
http://docs.aws.amazon.com/gettingstarted/latest/swh/getting-started-create-bucket.html#bucket-requirements
Note, however, that this restriction only applies when you are not using CloudFront in front of your bucket.
With CloudFront, there is more flexibility, because the Host: header can be rewritten (by CloudFront itself) before the request is passed through to S3. You configure the "origin host" in your CloudFront distribution as your-bucket.s3-website-xx-yyyy-n.amazonaws.com where xx-yyyy-n is the AWS region of S3 where your bucket was created. This endpoint is shown in the S3 console for each bucket.
Assume you have a hosted zone abc.com. and you create a bucket abc.com (which doesnt show up in the list in routes aliases) - you may think it's the . after the name - which you can't name the buckets with
Try this as well. Because the first time I created the bucket with the correct name and still didn't work. Believe me I have OCD so I didn't miss a fullstop or a comma.
- Create another hosted zone with the same name abc.com
- You will now see 2 of the same hosted zone (abc.com. and abc.com.)
- Delete the new one
- Go back to the old hosted zone abc.com
- You might be able to see the s3 endpoints coming up - this may be an issue in Route53
This worked for me trying out almost everything - Some suggestions I see is to logout and login for some sort of cache clear - not sure