I'm looking to set up a static HTML site using an S3 bucket with CloudFront, just like I've done in the past with ReactJS sites. It was a convenient way to update the site easily using `aws s3 sync`, plus I got SSL through CloudFront. However, I'm running into some issues now. It seems like creating a custom policy is no longer an option, which is crucial for passing authentication information to another website and setting up CORS. The example CloudFront functions provided by Amazon aren't working for me, and I'm planning to try Lambda @ Edge next. Is CloudFront still a feasible option for this setup, or do I need to consider alternatives? I can set up an EC2 instance with a LetsEncrypt cert, but I'm trying to avoid managing a server for something so straightforward. Any suggestions would be appreciated!
5 Answers
I'm not quite sure what you mean by a custom policy, but using CloudFront in front of S3 with Origin Access Control is pretty standard and it still works great.
Check this out for more details on AWS's updated offerings: https://www.reddit.com/r/aws/comments/1p0pa4p/aws_offers_flatrate_including_free_web_hosting/
It seems like AWS updated their policies a while back, but you can still achieve what you need. There's just been some adjustments.
True, but the ability to set `Access-Control-Allow-Credentials` is gone now. That has really impacted the usability.
Using CloudFront with an S3 origin is still a solid choice for hosting static sites. They've actually introduced a flat rate pricing option recently, so you have more flexibility than before.
It still works well, but you might want to consider trying out Cloudflare as an alternative. It could fit your needs without the hassles you're running into with CloudFront.

The issue is that when setting response headers, there are no predefined policies allowing `Access-Control-Allow-Credentials`. Creating a custom policy seems to be costly. It looks like for anything needing advanced CORS settings, CloudFront might not be suitable anymore.