A simple ADMINLTE (HTML/CSS) Website on S3 with Javascript is it SPA or Static for this deplotment?

Question

A simple ADMINLTE (HTML/CSS) Website on S3 with Javascript is it SPA or Static for this deplotment?

Closed this issue 3 years ago · 2 comments

Hi
I am trying to create a Cloudfront authentication for an existing S3 bucket, Cloudfront and Cognito with SAML Federation.

I am unsure on whether SPA mode or Static mode as I thought Cloudfront can't handle secret and we have a simple HTML /CSS with Javascript

So I created new Cognito App without secret, but would not let me use it as Static mode require Secret.

Is a simple Website currently running in S3 bucket with cloudfront a static or SPA and do I need a client secret or not?

very confused.
Thanks

Answer 1 · 2022-01-12T12:50:16.000Z

Hi @pjshort75

Does this info help?: https://github.com/aws-samples/cloudfront-authorization-at-edge#spa-mode-or-static-site-mode

In short, from what you are saying, it sounds like you are better off with static site mode, as it is more secure (slightly, but this is debatable, and SPAMode is also secure IMHO, but every user should judge this on his own).

When in doubt, SPA mode is more "flexible", and will work for all use cases.

You can try with static site mode first if you want, and if it doesn't work, redeploy with SPA mode.

Note if you redeploy from the Serverless Application Repository and use the same stack name (Application name) as you did for the previous deployment, your previous deployment will just be updated with the new values.

Hope that helps!

Answer 2 · 2022-02-03T08:28:27.000Z

Closing for now