-
Go to Certificate Manager service and select "Provision Certificates" ----> "Get Started"
-
Click on "Request a public certificate" and hit the "Request Certificate"
- Add domain names : "[your donamin name].net" (naked domain name) and click next
- Select validation method : "DNS validation"
- Add tags : Skip this part
- Review and click "Comfirm and Request"
-
To complete the process click "Continue" button
-
On Certificates page Click on your newly created certificate.
-
Status >>> Domain >>> [your donamin name]
-
Then at the bottom of the page click "Create record in Route 53" button.
-
Click "create" on the pop-up menu.
-
It takes a while to be ready.
- Go to S3 service and create a bucket with domain name: "[your donamin name].net"
- Public Access Enabled
- Upload Files named "index.html" and "ryu.jpg" in "v1" folder
- Permissions>>> Bucket Policy >>> Paste bucket Policy
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::please paste your ARN name/*"
}
]
}- Preporties>>> Set Static Web Site >>> Enable >>> Index document : index.html
-
First of all we need to copy endpoint of S3 static website bucket.
-
Go to the S3 service click on S3 static website bucket >>> Properties >>> Static Web Hosting >>> Copy the endpoint (without https://).
-
Go to CloudFront service and select "Create distribution"
-
Select a delivery method for your content: Choose "Web" option and click on "Get Started"
-
Create Distribution :
-
Origin Settings:
- Origin Domain Name: Paste the "endpoint" (without https://) of the S3 bucket
-
Default Cache Behavior Settings
- Viewer Protocol Policy: Select "Redirect HTTP to HTTPS"
-
Distribution Settings
- Alternate Domain Names (CNAMEs): [your donamin name]
- SSL Certificate: Select "Custom SSL Certificate (example.com)" >>> select your newly created certificate
-
-
Leave the other settings as default.
-
Click "Create Distribution".
-
It may take some time distribution to be deployed. (Check status of distribution to be "Deployed")
-
When it is deployed, copy the "Domain name" of the distribution.
-
click your Domain name's public hosted zone
-
click "create record"
-
select "simple routing" ---> Next
-
click "Define simple record"
Record Name: None
Value/Route traffic to:
- Alias to CloudFront distribution endpoint
- US East (N.Virginia) [us-east-1]
- choose your CloudFront distribution endpoint
Record Type : A-
hit the define simple record
-
Select newly created record's flag and hit the "create record" tab seen bottom
-
go to the target domain name "[your DNS name].net" on browser
-
check it si working with "https protocol"
-
show the content of web page.
Step-1 - Invalidation
-
Go to your S3 bucket hosting the website and put the "ryu.jpg" file in the "v2" folder (not in v1) to your bucket.
-
Go to the target domain name "[your DNS name].net" on browser and notice the image has't been changed.
-
Go to the CloudFront Menu and select the newly created distribution.
-
Select the subsection of "Invalidation" tab and click "Create Invalidation"
-
On the opening page enter "/ryu.jpg" and click "Invalidate".
-
After the invalidation process is completed, check the website and notice the image is updates now.
Step-2 - Geo Restriction
-
Go to the CloudFront Menu and select the newly created distribution.
-
Select the subsection of "Restriction" tab >>> Geo Restriction >>> Edit
-
Enable Geo-Restriction : Yes
-
Restriction Type : Black List
-
Countries : US-United States >>> Add
-
Click "Yes Edit"
-
After the restriction process is completed, check the website and notice the webpage is blocked.