AWS Cloud9 doesn't allow static manifest.json but does allow css file
Its mainly because right now your app is not publicly accessible on port 80, once you will go live it shouldn't be a problem.
Update - Alternate method below
You can put the manifest json content as base64 encoded string in the html itself. Below is the sample manifest json and its implementation in the link tag on the page.
{
"name": "your app name",
"gcm_sender_id": "xxxxxxx",
"gcm_user_visible_only": "true"
}
On HTML page -
<link rel="manifest" href="data:application/manifest+json;base64,ewogICJuYW1lIjogInlvdXIgYXBwIG5hbWUiLAogICJnY21fc2VuZGVyX2lkIjogInh4eHh4eHgiLAogICJnY21fdXNlcl92aXNpYmxlX29ubHkiOiAidHJ1ZSIKfQ==">
This occurs because the request for the manifest file is done without using cookies/credentials, but the VFS proxy uses a cookie to restrict access to the development preview. Essentially the 499 & error message actually mean access denied.
This question describes the issue more generically: Cookies not sent with request for Web App manifest.json
I have confirmed that this works with AWS cloud9 & Google Chrome 78.
<link rel="manifest" href="/manifest.json" crossOrigin="use-credentials">