CloudFront Configuration

Overview

Amazon CloudFront is AWS’s content delivery network (CDN) service, enabling the distribution of data, videos, applications, and APIs to users with low latency and high transfer speeds. For static websites, CloudFront improves performance by caching static content such as HTML, CSS, JavaScript, and images at edge locations closer to users. This not only reduces page load time but also offloads traffic from the origin server, ensuring smoother website performance and enhanced security via SSL/TLS integration and DDoS protection.

We can use CloudFront to redirect HTTP to HTTPS for S3 Static Web Hosting, and also implement WAF to enhance security.

CloudFront Configuration

1. On the “CloudFront” service screen, select “Create a CloudFront distribution”.

   

2. In the Origin domain field, select the bucket created in the previous step.

   

3. In the Origin access section, select:

   • “Legacy access identities”.
   • “Yes, update the bucket policy”.
   • “Create new OAI”.
   • “Create”.
   

4. In Default Cache Behavior > “View”, select “Redirect HTTP to HTTPS”.

   

5. Leave the other settings at their default values.

   

6.

• In the “Web Application Firewall” section, select “Do not enable security protection”.

• In the “Settings” section, select “Use North America, Europe, Asia, Middle East, and Africa”.

• In the “Alternate domain name” field, enter the domain name workshop1.kongtran.online that was assigned a certificate in the previous step.

  

7.

• In the Custom SSL certificate section, select the ACM certificate created earlier.

• Finally, scroll to the bottom and click “Create distribution”.

  

8. The CloudFront deployment will take 7-10 minutes. Once successfully deployed, you’ll see a Last modified status like this:

   

9. Go to your domain management page, and add a CNAME with the name workshop1 and the value as the Distribution domain name of the CloudFront distribution you just created.