o7planning

Create a CloudFront distribution for S3 Bucket

  1. Create CloudFront Distribution
  2. What to do next?
In the previous lesson we created an Amazon S3 Bucket.
In this article, I will show you how to create a CloudFront distribution to deliver content on an S3 Bucket to users faster.
There are basically 2 ways to connect CloudFront and S3 Bucket.
The first way is to connect CloudFront directly to S3 Bucket via S3 Rest API Endpoint.
  • S3 Rest API Endpoint: {bucket-name}.s3.amazonaws.com
The second way is to connect CloudFront to S3 Bucket through the S3 Website Endpoint, if this Bucket has the "Static Website hosting" feature enabled.
  • S3 Website Endpoint: {bucket-name}.s3-website.{s3-region-id}.amazonaws.com
Connecting CloudFront to an S3 Bucket via a S3 Website Endpoint is recommended. Because there are many features of an "S3 Static Website" that are really useful, for example it allows setting redirection rules with many different conditions.
  • Amazon S3 Rest API Endpoint vs S3 Web Endpoint
  • Amazon S3 Static Website Redirection Rules

1. Create CloudFront Distribution

First, login to the Amazon CloudFront Console:
Click the "Create distribution" button to create a Distribution for your S3 Bucket.
Select the value for "Origin domain" from a list, which is essentially a list of "S3 Rest API Endpoints" (Corresponding to your Buckets).
If your S3 Bucket has the "Static Website hosting" feature enabled, a suggestion will be displayed for you to connect CloudFront to S3 Static Website instead of connecting directly to the S3 Bucket.
  • S3 Rest API Endpoint: {bucket-name}.s3.amazonaws.com
  • S3 Website Endpoint: {bucket-name}.s3-website.{s3-region-id}.amazonaws.com
Turn off the Web Application Firewall (WAF) feature, using this feature requires additional fees. If you want to use it, you can configure it later.
Choose the default homepage for the website.
Finally, accept all other default options and press the "Create distribution" button.
After pressing the "Create distribution" button, your distribution will be created almost immediately. It is then automatically deployed, a process that can take several minutes.
After the deployment process is finished, you can access your website through CloudFront's subdomain, like this:
  • https://{lowercase-distribution-id}.cloudfront.net

2. What to do next?

Above we have created a CloudFront distribution for S3 Bucket with default options. More configurations are still needed to have a complete CloudFront distribution, here are a few recommended articles for you:
Error pages:
If you access a path that does not exist, you may receive an error message similar to the one below. To avoid this you need to configure error pages for CloudFront.
Web Application Firewall (WAF)
AWS WAF is a web application firewall that helps protect web applications from attacks by allowing you to configure rules that allow, block, or monitor (count) web requests based on conditions that you define. These conditions include:
  • IP, HTTP headers, HTTP body, URI strings, SQL injection, cross-site scripting
  • Amazon CloudFront WAF