Whitelist AWS S3 buckets using complex URI / URL patterns?

Question asked by Jonathan Sander on Sep 18, 2018
Latest reply on Sep 26, 2018 by Jonathan Sander

We're working with a customer who wishes to make a whitelist entry for a range of AWS S3 bucket addresses in their firewall. The names would be in the form:

abc-*-xyz.s3-us-east-2.amazonaws.com

OR

abc-*-xyz.s3.us-west-1.amazonaws.com

Where the "*" would be a randomly generated string that maps to an ephemeral name for a particular S3 bucket.

They are claiming this is not possible because the host in the URI has more than 3 parts. So they say that if it were "abc-*-xyz.amazonaws.com" it could work. But the other pieces in that host make it an invalid authority to use in a whitelist entry.

Is that true? Might it be a limitation of some very old version? I would welcome any pointers to appropriate documentation about this as well as answers.

Thanks!
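
The matching the question describes, written out as an added example (not part of the original post and not any firewall's own matching logic): each pattern is compiled to an anchored regular expression in which `*` may only expand inside a single DNS label, so the number of labels in the host does not matter. The function names and the sample hostnames are constructed for illustration.

```python
import re

# The two patterns from the post; "*" is the ephemeral part of the bucket name.
PATTERNS = [
    "abc-*-xyz.s3-us-east-2.amazonaws.com",
    "abc-*-xyz.s3.us-west-1.amazonaws.com",
]

# Letters, digits and hyphen only: the wildcard can never cross a "." boundary.
LABEL_CHARS = r"[a-z0-9-]"


def compile_host_pattern(pattern):
    """Build a regex from a host pattern; every literal part is escaped."""
    parts = [re.escape(p) for p in pattern.lower().split("*")]
    return re.compile(f"{LABEL_CHARS}+".join(parts))


def host_allowed(host, patterns=PATTERNS):
    """True if host (from the URL authority, SNI or Host header) matches a pattern."""
    host = host.lower().rstrip(".")  # normalise case and a trailing root dot
    labels = host.split(".")
    if len(host) > 253 or any(not l or len(l) > 63 for l in labels):
        return False  # not a well-formed DNS name
    # fullmatch anchors both ends, so extra prefixes or suffixes are rejected.
    return any(compile_host_pattern(p).fullmatch(host) for p in patterns)


if __name__ == "__main__":
    # Constructed sample hostnames, not taken from the post.
    samples = [
        "abc-7f3k9q-xyz.s3-us-east-2.amazonaws.com",              # allowed
        "abc-7f3k9q-xyz.s3.us-west-1.amazonaws.com",              # allowed
        "abc-7f3k9q-xyz.s3-us-east-1.amazonaws.com",              # other region
        "abc-a.b-xyz.s3-us-east-2.amazonaws.com",                 # dot inside "*"
        "abc-7f3k9q-xyz.s3-us-east-2.amazonaws.com.example.net",  # extra suffix
    ]
    for s in samples:
        print(f"{'ALLOW' if host_allowed(s) else 'DENY ':5}  {s}")
```
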
