aws-s3-cloudfront-ssl-setup

This guide explains how to connect Amazon S3, Route 53, CloudFront, and SSL to serve a secure website.

Prerequisites

1. AWS Account
2. Domain Name (registered in Route 53 or elsewhere)

Project Workflow Overview

• Static Website Files: Store your HTML, CSS, and JS files in an S3 bucket.

• Custom Domain: Use Route 53 to create and manage DNS records for your domain.

• SSL Certificate: Secure the website with HTTPS using AWS Certificate Manager (ACM).

• Content Delivery: Distribute content globally and enforce HTTPS using CloudFront.

• Diagram:

  [Your Domain Name] <-----> [Route 53]
         |
         v
  [CloudFront (SSL)]
         |
         v
  [S3 Bucket (Static Website)]
  

Steps

1. Set Up an S3 Bucket

1. Log in to the AWS Management Console.

2. Navigate to the S3 service.

3. Create a new S3 bucket:

   • Bucket Name: Match your domain name (e.g., yourcreativecorner.xyz).
   • Region: Select a region close to your audience.

4. Enable Static Website Hosting:
   • Go to the bucket properties.

• Select Static Website Hosting and enable it.

• Upload your website files (HTML, CSS, JS, etc.).

2. Configure Route 53

1. Navigate to Route 53 in the AWS Console.

2. Create a hosted zone:
   • Click on "Create hosted zone."

• Enter your domain name and other required details.

3. Change the Nameservers:

   • Copy the nameservers provided by Route 53.

• Update the nameservers with your domain registrar.

4. Add a record set:
   • Record Type: A (Alias).
   • Alias Target: Set this to the CloudFront distribution (to be created later).

3. Add SSL (AWS Certificate Manager)

1. Navigate to Certificate Manager in the AWS Console.

2. Request a public certificate:

• Add your domain name (e.g., yourcreativecorner.xyz).

3. Validate the certificate via DNS:
   • Add the CNAME records provided by ACM to your Route 53 hosted zone.

4. Create a CloudFront Distribution

1. Navigate to CloudFront in the AWS Console.

2. Create a new distribution:
   • Origin Domain Name: Select your S3 bucket.

• Viewer Protocol Policy: Redirect HTTP to HTTPS.
• Default Root Object: index.html.

3. Attach the SSL certificate:

• Use the certificate created in ACM.

4. Deploy the distribution.

• Wait for the distribution to deploy.

5. Test the Setup

1. Visit your domain in a browser.
2. Ensure the site loads securely over HTTPS.

---

Troubleshooting

• S3 Bucket Permissions: Ensure the bucket policy allows public read access if needed.
• CloudFront Cache: Clear the cache after updates to S3.
• DNS Propagation: Allow up to 24 hours for DNS changes to take effect.

---

Useful Commands

• Clear CloudFront cache:

  aws cloudfront create-invalidation --distribution-id YOUR_DISTRIBUTION_ID --paths "/*"

• Check DNS records:

  nslookup example.com