I’m just a bit curious about what your request exactly would entail. Could you perhaps expand on what this feature would do?
I would imagine though if you have a self-hosted instance of Bitwarden this can be run anywhere that is supported, be that on-prem or in a public cloud such as AWS.
You should be able to run an instance of Bitwarden with attached S3 buckets for object storage.
I’m not sure familiar with Cloudfront but from what I can gather it is a CDN mixed with a WAF, so you may be able to front your Bitwarden instance with this as well.
If you need further help with rolling out your deployment I also encourage you to feel free to reach out to Bitwarden’s official support.
So instead of having attachments, I could enter a base url as a Custom Text with type eg, SignedURL BW would then convert that into a Signed URL when I click it. There would be a setup for the Key/Secret of course. Right now, if I want to view, say a JPG attachment, I would have to first download it then open it. If it were a clickable URL, it would just open in a browser and the URL expires, etc.
BTW, I was running vaultwarden (still running actually in an EC2 instance) but I realize that now that BW is used by everyone in the extended household, it becomes risky self-hosting should I get hit by a bus, etc.