Project description

In this project I am hosting a static website with Amazon S3, Route 53 and CloudFront distribution with a public certificate and an OAI access policy.

  • High Availability and Reliability: This architecture leverages multiple AWS services that are designed for high availability and reliability. Amazon S3 provides durable storage for your website's static assets, and CloudFront's global network of edge locations ensures low-latency access for users worldwide. Route 53 also contributes to reliability by providing DNS services that distribute traffic effectively.
  • Scalability: AWS services like S3, CloudFront, and Route 53 are built to scale with your website's traffic. CloudFront can handle sudden spikes in traffic and distribute it efficiently to edge locations, reducing the load on your origin (S3 bucket). This ensures that your website remains responsive during traffic surges.
  • Global Content Delivery: CloudFront's Content Delivery Network (CDN) caches your website's content at edge locations across the globe. This means that users can access your website from a nearby location, reducing latency and improving page load times. This global distribution also contributes to improved website availability.
  • SSL/TLS Encryption: By using a public certificate, you enable secure communication between users' browsers and your website. This helps protect sensitive data and user privacy. The certificate ensures that data transmitted between the user and CloudFront is encrypted using SSL/TLS protocols.
  • Security and Access Control: You mentioned using an Open Internet Access (OIA) access policy. This policy likely restricts access to your resources, ensuring that only authorized users and systems can interact with your website and associated AWS services. This adds an additional layer of security to your website deployment.
  • Cost-Effective: AWS provides a pay-as-you-go pricing model, which can be cost-effective for hosting static websites. You only pay for the resources you consume, making it a scalable and budget-friendly solution.
  • Easy Maintenance: Hosting a static website on AWS simplifies maintenance tasks. You don't need to manage server infrastructure or worry about scaling resources as your site grows. AWS services handle much of the operational overhead, allowing you to focus on developing and improving your website.

Technologies:

  • S3
  • Route 53
  • CloudFront
  • Certificate Manager

Certificate Manager

Request certificate for domain name

  • Domain Name: shv-dev.com and *.shv-dev.com.
  • Validation method: DNS validation.

Create record in Route 53 via Certificate Manager

Create S3 bucket

The name of the S3 bucket has to match with the domain name.

  • Name: shv-dev.com.
  • Other settings: Default.

Create CloudFront distribution

  • Origin domain: shv-dev.com.s3.eu-central-1.amazonaws.com.
  • Origin access: Origin access control settings.
    • Create OAI - Name: shv-dev.com.s3.eu-central-1.amazonaws.com-OAI
  • Viewer protocol policy: Redirect HTTP to HTTPS
  • Custom SSL certificate: shv-dev.com (…)
  • Alternate domain name (CNAME): Shv-dev.com/www.shv-dev.com
  • Default root object: index.html
  • Create distribution and copy the provided S3 bucket policy to our created bucket

Create alias record in Route53 for CloudFront distribution

  • Alias records
  • Route traffic to: Alias to CloudFront distribution.
  • Select our created distribution
  • Create CNAME record in Route53 (to forward all www.shv-dev.com to shv-dev.com)

Testing the setup

Call the adress shv-dev.com.