How must I configure an S3 bucket to serve sensitive content via website hosting (where the bucket name is the same as the DNS record)? The website will only be reachable from within intranet.
Since it's sensitive material, the bucket and its contents must have public access blocked, obviously. Now, the only file I want to be able to view on a browser is a report.html that I can easily configure as the "index.html" for that S3 website.
Currently I have the bucket blocking public access, with the exception of specific objects that are configured to be publicly accessible via ACL. And of course I have configured the job that generates the report to make it accessible via ACL. This way I can view the report fine on the browser. Still, that specific object is now publicly readable.
So the question is, how can I make that object readable only via the website?
Thanks for any clues.
