Limit S3 Access to Cloudflare

To limit the access to your S3 website buckets to the cloudflare network you can simple add the following Bucket Policy

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::your.bucket.name/*",
            "Condition": {
                "IpAddress": {
                    "aws:SourceIp": [
                        "103.21.244.0/22",
                        "103.22.200.0/22",
                        "103.31.4.0/22",
                        "104.16.0.0/12",
                        "108.162.192.0/18",
                        "131.0.72.0/22",
                        "141.101.64.0/18",
                        "162.158.0.0/15",
                        "172.64.0.0/13",
                        "173.245.48.0/20",
                        "188.114.96.0/20",
                        "190.93.240.0/20",
                        "197.234.240.0/22",
                        "198.41.128.0/17",
                        "2400:cb00::/32",
                        "2405:8100::/32",
                        "2405:b500::/32",
                        "2606:4700::/32",
                        "2803:f800::/32",
                        "2c0f:f248::/32",
                        "2a06:98c0::/29"
                    ]
                }
            }
        }
    ]
}

Aws Billing Alert

Because aws has no billing limit. It is importent to get notified when the cost are growing. Create Budget To create an alert you simply go to your admin console and navigate to Billing. There you will finde the point Budget. Here can you define an alert for your account. First thing you have to do is define the period in there your budget work. Mostly monthly is the choise. [Read More]

Host Static Hugo Website on S3 With Cloudflare

I migrate my personal website from a decided server to a more modern cloud solution. I used the aws S3 Service as basic file store and webserver. After that I use the free cloudflare service to enable TLS on my site. Generate the website For my personal website I use the hugo website generator. I used hugo because it is a lite fast app to generate static website from markdown files. [Read More]