Does Amazon S3 support HTTP request with basic authentication

Question

I would like to set up an Amazon S3 account, create a bucket, upload some data, and that this data will be available using HTTP GET with basic authentication

Answer 1

By layering multiple AWS services you can achieve something close to Basic HTTP Authorisation.

1. Create a s3 static site.
2. Create a CloudFront Distribution to serve the s3 static site (use the static site url and not the bucket name)
3. Use AWS WAF to create a rule which only allows requests with the correct http Authorization header. This will be a sting match rule on the contents of the Authorization header.
4. Use Route53 to route a custom domain to the CloudFront Distribution

You should now have a static site which can only be accessed with the correct username and password.

NOTE: using this setup you will not be prompted for you credentials as the request is blocked with a 403 Forbidden instead of 401 Unauthorized.

NOTE: You can create a CloudFront distribution in front of a s3 bucket directly, but you will not be able to default to a root index file in sub-folders.