AWS S3 Bucket ‘host’ header

The other day I was working with DNS delegation and I needed to test a subdomain being posted in AWS route 53 to make sure that I can use this DNS delegation configuration for future projects confidently.

Here’s a link to a post from Amazon web services about DNS delegation.

This helped me realize that DNS Delegation is not hard to setup. It just requires a little patience.

After setting up DNS Delegation I needed a website to test with. I thought it would be overkill to setup an EC2 server with a simple hello world webpage when I could just setup a static website using S3….because hey, it’s easy.

This lead me to realize that pointing to the S3 bucket from a custom domain is not a trivial as having a webserver with a Public IP address. This is because you cannot use a CNAME record for the apex of a domain.

Here is a great blog post on why you cannot:

I ended up having my domain registered in AWS Account #1 with a Route53 zone in the same account. My delegated subdomain (AWS hosted zone) was in AWS Account #2.

Finally, the S3 bucket I wanted to host the static website in was in Account #1.

This meant I couldn’t use the Route53 feature of an “Alias” A-Record for pointing to my S3 bucket. This was my workaround.

TLDR note: *S3 looks at the host header!*

When you configure a bucket for website hosting. I think: In the background, S3 creates an entry to serve up requests from it’s S3 web API backed by your bucket if your bucket name is specified in the *host* header. Normal responses are replied with using XML. An S3 bucket configured to be a website replies with HTML.

See here for a helpful table:

Here are my steps

I created nameserver records in Route53 (in zone for a subdomain ( in AWS Account 1 to the nameservers for the Delegated zone in AWS Account 2 (for the same subdomain)

Then I created `` in the delegated zone to point to ``

the chain works because the S3 endpoint behind `` received that request and looks at the `host` header. (Even tho the website bucket is named: ) Then it finds the bucket named in the `host` header, and returns the contents since it is a website bucket.

you can try this in Postman. Send a request to the IP address received from running:


probably the same as what you get for `` = ``

then set the host header to be: `` and you see the same page as: (the S3 generated CNAME for the bucket)

Be sure to put the header key value into Postman as a header and not as a query string (that puts it in the url)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s