Create a CloudFront distribution for S3 Bucket
In the previous lesson we created an Amazon S3 Bucket.
In this article, I will show you how to create a CloudFront distribution to deliver content on an S3 Bucket to users faster.
There are basically 2 ways to connect CloudFront and S3 Bucket.
The first way is to connect CloudFront directly to S3 Bucket via S3 Rest API Endpoint.
- S3 Rest API Endpoint: {bucket-name}.s3.amazonaws.com
The second way is to connect CloudFront to S3 Bucket through the S3 Website Endpoint, if this Bucket has the "Static Website hosting" feature enabled.
- S3 Website Endpoint: {bucket-name}.s3-website.{s3-region-id}.amazonaws.com
Connecting CloudFront to an S3 Bucket via a S3 Website Endpoint is recommended. Because there are many features of an "S3 Static Website" that are really useful, for example it allows setting redirection rules with many different conditions.
- Amazon S3 Rest API Endpoint vs S3 Web Endpoint
- Amazon S3 Static Website Redirection Rules
1. Create CloudFront Distribution
First, login to the Amazon CloudFront Console:
Click the "Create distribution" button to create a Distribution for your S3 Bucket.
Select the value for "Origin domain" from a list, which is essentially a list of "S3 Rest API Endpoints" (Corresponding to your Buckets).
If your S3 Bucket has the "Static Website hosting" feature enabled, a suggestion will be displayed for you to connect CloudFront to S3 Static Website instead of connecting directly to the S3 Bucket.
- S3 Rest API Endpoint: {bucket-name}.s3.amazonaws.com
- S3 Website Endpoint: {bucket-name}.s3-website.{s3-region-id}.amazonaws.com
Turn off the Web Application Firewall (WAF) feature, using this feature requires additional fees. If you want to use it, you can configure it later.
Choose the default homepage for the website.
Finally, accept all other default options and press the "Create distribution" button.
After pressing the "Create distribution" button, your distribution will be created almost immediately. It is then automatically deployed, a process that can take several minutes.
After the deployment process is finished, you can access your website through CloudFront's subdomain, like this:
- https://{lowercase-distribution-id}.cloudfront.net
2. What to do next?
Above we have created a CloudFront distribution for S3 Bucket with default options. More configurations are still needed to have a complete CloudFront distribution, here are a few recommended articles for you:
Error pages:
If you access a path that does not exist, you may receive an error message similar to the one below. To avoid this you need to configure error pages for CloudFront.
Configure custom domain and HTTPS/SSL
Web Application Firewall (WAF)
AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include:
- IP, HTTP headers, HTTP body, URI strings, SQL injection, cross-site scripting
- Amazon CloudFront WAF
Amazon Web Services Tutorials
- Java Awssdk S3 S3Client Upload object
- Java Awssdk CloudFront Invalidation
- Create AWS accessKeyId/secretAccessKey
- Host a static website on Amazon S3
- Java Awssdk S3 List objects
- DigitalOcean Spaces Create Access Key
- Java Awssdk Common Credentials Providers
- Java Awssdk ProfileCredentialsProvider
- Java Awssdk Creating and using EnvironmentVariableCredentialsProvider
- Java Awssdk Creating and using SystemPropertyCredentialsProvider
- Java Awssdk S3 Upload object with S3TransferManager
- Java Awssdk S3 S3TransferManager download object
- Java Manipulate DigitalOcean Spaces using S3TransferManager
- Java Create, list and delete S3 Bucket
- Introduction to Amazon ACM
- Aws Console create IAM User
- Create Amazon S3 Bucket
- Configure custom domain for Amazon S3 static website
- Create a CloudFront distribution for S3 Bucket
- Configure Amazon CloudFront Error Pages
- Amazon S3 Bucket policies
- Amazon AWS Policy Generator - policygen
- Migrate DNS service to Amazon Route 53
- Transfer domain registration to Amazon Route 53
- Request an SSL certificate from Amazon ACM
- Introduction to Amazon Web Services (AWS)
- Introduction to Amazon S3
- Introduction to Amazon Cloudfront and its architecture
- How to reduce Amazon Cloudfront Costs?
- Amazon CloudFront Invalidation
- Introduction to DigitalOcean Spaces
- Create DigitalOcean Spaces Bucket
Show More