First, this is an awesome project, thank you! I found it to be very helpful.
Second, a question: is my reading accurate that WebsiteConfiguration is not really doing anything here? If so I think it would be helpful to remove it from the template to clarify that the WebsiteConfiguration and S3 website endpoint are incompatible with locking down access to the bucket in this way.
The docs about private static websites show a bucket configuration that implies usage of the website endpoint (
WebsiteConfiguration
):But the CloudFront distribution created there is not pointing at the website endpoint:
Which, if I understand it correctly, is because accessing S3 objects through the website endpoint is incompatible with the origin access identity feature that is used here.
First, this is an awesome project, thank you! I found it to be very helpful.
Second, a question: is my reading accurate that
WebsiteConfiguration
is not really doing anything here? If so I think it would be helpful to remove it from the template to clarify that theWebsiteConfiguration
and S3 website endpoint are incompatible with locking down access to the bucket in this way.I'm happy to send a PR if it makes sense.