Static Website hosting with Staging in AWS

Question

We are running a static website that gets deployed by CI automatically to a public S3 bucket. The website is a jekyll page that has multiple folders. We are very happy with the setup because of the ease of deployment and no infrastructure.

But we now have traffic to our website and we want to add a staging phase. This phase should be reachable by selected non-technical people from known IP's. We are not able to achieve this using a S3 bucket as this bucket needs to be public.

So we are looking for a way to deploy the static website with a staging area that is not public. Is this possible with a AWS service or other cloud offering?

Answer 1

The first part is relatively easy, just set up another bucket, deploy to there for staging and from there to your production bucket to go live.

Second part turns out to be straightforward too, you can specifiy a policy on an S3 bucket that restricts access to an IP range - see the example here: http://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-3

Personally I'd suggest that it would be better to use a login based restriction if at all possible (the person you need to sign off being out of the office is a classic example of where IP address restrictions get you into trouble) either way you have sufficiently fine grained control over S3 bucket permissions to let you do what you need

Answer 2

We solved this issue by having subfolders in the S3 bucket with unguessable names. The names allow the subfolders to be publically available and act as a shared secret password to the static website. Every pull request gets automatically deployed in this bucket to a subfolder.

Example:

s3-staging-bucket
└ ed567c0e-dca9-44fc-b1bc-18ed5237f598/
  └ index.html