Does Amazon S3 support HTTP request with basic authentication

Question

I would like to set up an Amazon S3 account, create a bucket, upload some data, and that this data will be available using HTTP GET with basic authentication

Answer 1

By layering multiple AWS services you can achieve something close to Basic HTTP Authorisation.

1. Create a s3 static site.
2. Create a CloudFront Distribution to serve the s3 static site (use the static site url and not the bucket name)
3. Use AWS WAF to create a rule which only allows requests with the correct http Authorization header. This will be a sting match rule on the contents of the Authorization header.
4. Use Route53 to route a custom domain to the CloudFront Distribution

You should now have a static site which can only be accessed with the correct username and password.

NOTE: using this setup you will not be prompted for you credentials as the request is blocked with a 403 Forbidden instead of 401 Unauthorized.

NOTE: You can create a CloudFront distribution in front of a s3 bucket directly, but you will not be able to default to a root index file in sub-folders.

Answer 2

Have a look at my answer here in this somewhat related question.

The question there was to get a bucket-object LIST without heavy S3 login authentication needed. So from your question, my answer does not really explain your inquiry for Http-request with basic username/password authentication - but rather gives a possibility to make the bucket private and still retrieve its data knowing an identity-pool (ID) and a Amazon Resource Name (ARN) (which you can consider similar to username and password). Of course, to get the (ID) and (ARN) you have to do some settings-work in the AWS main pages as described in my 17-step answer here... - and also, it is not part of the GET-request but rather given within the AWSS3 framework that Amazon provides. I hope, it still gives you more options to your question ;)