Skip to content

[Rules] Update providers.mdx #17622

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 18, 2024
Merged

[Rules] Update providers.mdx #17622

Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
95852ed
[Rules] Update providers.mdx
ngayerie Oct 18, 2024
5058783
Update to generic recommendation
pedrosousa Oct 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 38 additions & 0 deletions src/content/docs/rules/cloud-connector/providers.mdx
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,44 @@ Cloud Connector supports both subdomain and URI path-style URLs:

For more information, refer to the [Amazon S3 documentation](https://docs.aws.amazon.com/AmazonS3/latest/userguide/EnableWebsiteHosting.html).

### Configure bucket policies to allow Cloudflare IP addresses

Now that you’ve created your buckets and enabled hosting for static content, you can set up permissions to allow Cloudflare to access your bucket.
This ensures that your site only responds to requests coming from the Cloudflare proxy. This is the [current list of IP address ranges](https://www.cloudflare.com/ips/) used by the Cloudflare proxy.

To set up your policy:

1. Follow these instructions from Amazon to [Add an S3 Bucket Policy](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html).
2. For the step where you enter the policy in the **Bucket policy editor**, use this sample to fill out the needed JSON code, making sure to replace:
- `www.example.com` (appearing in `"Resource": "arn:aws:s3:www.example.com/*"`) with the S3 bucket name for your subdomain URL.
- The placeholder IP addresses with the [current list of IP address ranges](https://www.cloudflare.com/ips/)

```json
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "AllowCloudflareIPs",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::www.example.com/*",
"Condition": {
"IpAddress": {
"aws:SourceIp": [
"192.2.0.1/32" (example IPv4 address),
"192.2.1.0/24" (example IPv4 range),
"2001:db8::1111:1111" (example IPv6 address),
"2001:db8::/32" (example IPv6 range),
(add all IPs ranges at https://www.cloudflare.com/ips)
]
}
}
}
]
}
```

## Google Cloud Platform - Cloud Storage

The hostname of your Cloud Storage bucket URL must be the following (where `*` is a wildcard character):
Expand Down
Loading