How to Configure AWS S3 as Origin Site on Alibaba Cloud CDN

Scenario Description

Alibaba Cloud Content Delivery Network (CDN) is a scalable and high-performance content delivery service for accelerated distribution of content to users across the globe. CDN is commonly used with Alibaba Cloud’s Object Storage Service (OSS) to accelerate large files and other static content for websites.

Step 1: Verify Public Address and Access Permission on S3 Bucket

1. Take note of your S3 public end-point address and bucket name as your origin site.

  • AWS console > Services > Storage > S3 > Your bucket name
  • In this guide, the S3 public end-point address is “s3.ap-northeast-2.amazonaws.com” and bucket name is “ali-cdn-test”

Step 2: Add and Configure Alibaba Cloud CDN with AWS S3 Public Address

1. Go to the CDN console on Alibaba Cloud

  • Alibaba Cloud console > CDN > Domain Names > Add Domain Name
  • Domain: your service domain, “test.test.com”
  • Origin Site Information: “Origin Site”
  • Domain Name: your S3 public address, in this guide: “s3.ap-northeast-2.amazonaws.com”
  • “Acceleration Region” options can be selected based on your own needs
  • Domain Names > Your service Domain > Manage > Back-to-Origin Configuration > Back-to-origin Host > Enable > Domain Type > Origin Site

Step 3: Configure CNAME Record on Your DNS

1. Take a note CNAME record from CDN console on Alibaba Cloud. In this guide, I will use “test.test.com.w.kunlunsl.com”

  • Please make sure “Exclamation mark” is removed from CDN console”.
  • DIG command with your service domain has right CNAME record.

Step 4: Validate

1. Input your service domain with S3 bucket name,http://service-domain/s3-bucket-name/filename

  • In this scenario, http://test.test.com/ali-dns-test/15mb.jpg
  • If you already apply “SSL certification” on this service domain, you can input https protocol. You can find “SSL protocol enable guide” at the end of this document.

Step 5: Security Hardening

1. Apply SSL certification and enable HTTPS protocol on Alibaba Cloud CDN

{
"Id": "Alibaba CDN with AWS S3 http referer policy",
"Statement": [
{
"Sid": "Allow get requests originated from www.example.com and example.com",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::ali-cdn-test/*",
"Condition": {
"StringLike": {
"aws:Referer": "https://test.test.com/*"
}
}
}
]
}

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alibaba Cloud

Alibaba Cloud

Follow me to keep abreast with the latest technology news, industry insights, and developer trends. Alibaba Cloud website:https://www.alibabacloud.com