I’ve got a static S3 website. When I log in, I can see that the endpoint is http://www.example.com.s3-website.eu-west-2.amazonaws.com, but I’ve seen answers claiming that the site should be accessible via HTTPS at https://www.example.com.s3-website.eu-west-2.amazonaws.com. This doesn’t work though.

Did AWS used to support HTTPS for static sites and have now stopped it, or do I need to enable it somehow?

So the answer is no, it’s not possible to use HTTPS for S3 static websites directly like I’m trying to do. From the docs:

Note the following about using HTTPS when the origin is an Amazon S3
bucket:

Default

* If your Amazon S3 bucket is configured as a website endpoint, you can't configure CloudFront to use HTTPS to communicate with your origin because Amazon S3 doesn't support HTTPS connections in that configuration.

1 2 3 4 5

* If your Amazon S3 bucket is configured as a website endpoint, you can't configure CloudFront to use HTTPS to communicate with your origin because Amazon S3 doesn't support HTTPS connections in that configuration.