- versus . in the S3 bucket name

A common question is whether to name buckets images-example-com or images.example.com.

Two things to consider are:

  • Would you like to use S3 over HTTPS?
  • Would you like to use a custom domain name instead of the default S3 bucket URL?

Strictly speaking, buckets with dots in the name will show an SSL mismatch warning when you address them over HTTPS using the default bucket URI.

This is because S3 operates on the .amazonaws.com domain, and any extra dots make the bucket look like a deeper subdomain, which the SSL certificate does not cover.

On the other hand, you have to use dots if you want a custom domain (CNAME) pointed at your bucket. That is to say, the bucket name has to match the custom domain name for S3's virtual-host style service to work.

For example, we call our bucket images.example.com and add a DNS record of images.example.com CNAME images.example.com.s3.amazonaws.com.

S3 would then forward incoming requests to the bucket whose name matches the host in the HTTP headers (refer to http://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html).
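The two constraints described above, as an added example that is not part of the original text: it applies single-label wildcard matching to the default endpoint hostname and checks the bucket-name-equals-Host rule for CNAMEs. The names in CERT_NAMES are an assumption about what the S3 endpoint certificate presents, the function names are hypothetical, and partial-label wildcards are not handled.

```python
# Added example: why a dotted bucket name fails TLS hostname verification
# on the default virtual-hosted S3 endpoint, and why CNAME needs the dots.

S3_SUFFIX = "s3.amazonaws.com"
# Assumption: names on the endpoint certificate (wildcard plus apex).
CERT_NAMES = ["*.s3.amazonaws.com", "s3.amazonaws.com"]


def wildcard_matches(pattern: str, hostname: str) -> bool:
    """Certificate name match where '*' stands for exactly one leftmost label."""
    p_labels = pattern.lower().split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard never spans a dot
    if p_labels[0] == "*":
        return bool(h_labels[0]) and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels


def virtual_hosted_endpoint(bucket: str) -> str:
    """Default bucket hostname, e.g. images-example-com.s3.amazonaws.com."""
    return f"{bucket}.{S3_SUFFIX}"


def https_ok(bucket: str, cert_names=CERT_NAMES) -> bool:
    """True if the default endpoint hostname is covered by the certificate."""
    host = virtual_hosted_endpoint(bucket)
    return any(wildcard_matches(name, host) for name in cert_names)


def cname_capable(bucket: str, custom_domain: str) -> bool:
    """S3 virtual hosting via CNAME needs bucket name == Host header."""
    return bucket.lower() == custom_domain.lower().rstrip(".")


def assess(bucket: str, custom_domain: str) -> dict:
    return {
        "endpoint": virtual_hosted_endpoint(bucket),
        "https_default_endpoint": https_ok(bucket),
        "cname_without_cloudfront": cname_capable(bucket, custom_domain),
    }


if __name__ == "__main__":
    # Constructed sample names taken from the text's own example.
    for name in ("images-example-com", "images.example.com"):
        print(name, assess(name, "images.example.com"))
```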

So it would seem that, depending on the name we choose, we can use one feature or the other (HTTPS or CNAME), but not both. But there is a solution to this dilemma: CloudFront.

Placing a CloudFront distribution in front of our bucket allows a custom domain, plus a custom SSL certificate, to be specified.
