
AWS (Amazon Web Services)

Thuy edited this page Jan 17, 2018 · 8 revisions

AWS is overwhelming and I found their documentation can be confusing. So I am breaking it down here so that my future self and others may be guided by what I learned. The first step is to go to AWS and click on the Create an AWS Account button. Keep your phone nearby, as you will need to verify your account with a PIN that will be sent via text or email.

Setup IAM User and assign to Administrator Group

When you first sign up for AWS, you get a root user account, so the next step is to create an IAM user account that has administrator access. You will then place that user in an "Administrator" group to which you attach the AdministratorAccess managed policy. Operate as the root user only for root-user-specific scenarios. Outside of those, always use IAM users.

Once you are signed into AWS, navigate to AWS IAM Console. Follow these steps: Creating Your First IAM Admin User and Group.

After you create your first IAM user, AWS generates a sign-in URL, the link to use each time you sign in to AWS. You can find it by clicking Dashboard in the navigation pane. This is what it looks like:

https://MY_ACCOUNT_ID#.signin.aws.amazon.com/console

Note that MY_ACCOUNT_ID# is your account ID. That needlessly exposes account info and it looks terrible. Follow these directions to assign an alias to your account: Your AWS Account ID and its Alias.

Sign out of your root account and sign in to your newly created IAM user account using the sign-in URL. The sign-in page has a link to sign in as the root user if you need to get there, but everything from here on out should be performed as an IAM user.

For added security, set up Multi-Factor Authentication. At a minimum, set it up for the root account, if not also for the admin IAM user.

Note about setting up a virtual MFA device:

We recommend that when you configure a virtual MFA device to use with AWS that you save a copy of the QR code or the secret key in a secure place. That way, if you lose the phone or have to reinstall the MFA software application for any reason, you can reconfigure the app to use the same virtual MFA. This avoids the need to create a new virtual MFA in AWS for the user or root account.

Create Amazon S3 Buckets

Amazon Simple Storage Service (S3) buckets are where you will store the content you upload for your website.

What helped me with the process of creating and routing the buckets is understanding the difference between a root domain and subdomains. The root domain (also referred to as bare/naked domain or zone apex) is the highest level domain for the purpose of setting up a website.

  • my_website.com is the root domain.
  • www.my_website.com and blog.my_website.com are subdomains (note that they both have a dot separating the prefixed sub-name from the root domain).

This will come into play particularly when you start to decide how your blog is set up. There are copious discussions arguing the pros and cons of using a subdomain vs a subfolder for your blog: Google blog subdomain vs subfolder

  • my_website.com/blog is a root domain with a blog subfolder

Keeping this concept clear will also help to avoid deployment issues. In this case, the subdomain you will be working with is the one prefixed by www.

Navigate to Amazon S3 console. Follow step 2 to create two buckets, one for the root domain and the other for the subdomain. You will host content in the root domain (the subdomain just redirects to the root domain), and configure your buckets for website hosting. Note that you only add the bucket policy to the root domain.

Do not proceed to Step 3.
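The two-bucket layout described above, as an added example that is not part of the original page: it builds the public-read policy for the root bucket and the website configuration for both buckets, then audits a policy for anonymous grants wider than reading objects. The bucket names example.com and www.example.com, the index.html suffix and the function names are assumptions for illustration.

```python
import json

# Placeholder names (assumptions): buckets are named after the hostnames they serve.
ROOT_BUCKET = "example.com"
WWW_BUCKET = "www.example.com"

def public_read_policy(bucket):
    """Policy for the content bucket: anonymous read of objects, nothing else."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": f"arn:aws:s3:::{bucket}/*",
        }],
    }

def website_configs(root, www):
    """Website configuration per bucket: root serves content, www only redirects."""
    return {
        root: {"IndexDocument": {"Suffix": "index.html"}},
        www: {"RedirectAllRequestsTo": {"HostName": root}},
    }

def as_list(value):
    return value if isinstance(value, list) else [value]

def audit_policy(policy, bucket):
    """List anonymous Allow grants that exceed s3:GetObject on bucket/*.

    Only Action and Resource are inspected; NotAction, NotResource and
    Condition are out of scope for this check.
    """
    findings = []
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or stmt.get("Principal") not in ("*", {"AWS": "*"}):
            continue
        for action in as_list(stmt.get("Action", [])):
            if action.lower() != "s3:getobject":
                findings.append(f"anonymous action {action}")
        for resource in as_list(stmt.get("Resource", [])):
            if resource != f"arn:aws:s3:::{bucket}/*":
                findings.append(f"anonymous access to {resource}")
    return findings

if __name__ == "__main__":
    print(json.dumps(public_read_policy(ROOT_BUCKET), indent=2))
    print(json.dumps(website_configs(ROOT_BUCKET, WWW_BUCKET), indent=2))
    print(audit_policy(public_read_policy(ROOT_BUCKET), ROOT_BUCKET))
```

The www bucket gets no policy at all because it holds no objects; an empty findings list for the root bucket means anonymous visitors can read pages but cannot list, write or delete.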

Register a domain with Amazon Route 53

Navigate to the Amazon Route 53 console

If you haven't purchased and registered your domain name yet, follow Step 1: Register a domain.

Do not continue beyond Step 1.

If you have a registered domain from GoDaddy.com, follow these steps to start the process of migrating a domain from DNS Provider, GoDaddy.com, to Amazon Route 53 (enter your root domain in the Domain Name field): Creating a Hosted Zone

This creates four Name Server (NS) records and a Start of Authority (SOA) record. Make note of the NS records.

Log in to your GoDaddy account and follow these steps to enter the NS records you just generated: Set custom nameservers for domains registered with GoDaddy.

Route DNS traffic to S3 buckets

Follow Step 5: Route DNS Traffic for Your Domain to Your Website Bucket and create a resource record set for both your root domain and your subdomain. Note that when you are creating the record set for the subdomain, enter www (no dot) into the Name field.

You should now be able to enter both root and subdomain into web browsers and see your site. Celebrate!

Proceed to the next step, Setup HTTPS in AWS, to secure your connection. If you're not quite swayed to use HTTPS, Google gives a higher ranking to HTTPS sites over HTTP sites, so it is better for SEO: HTTPS as a Ranking Signal. And HTTPS is faster than HTTP: HTTP vs HTTPS Test.
