Angular

Hosting Static Websites on Amazon S3 - Optimizing Website Security and Performance

PRO
Outline

All the tutorials in this course:


I'll begin by navigating to the Route 53 Dashboard and then selecting my TheDataProject.net hosted zone. As you can see, there's already a nice collection of records - including one pointing to my Teach Yourself Data Analytics in 30 Days subdomain. I'm going to create a new record within this zone for our new website.

I'll enter the subdomain name - MySite. When you add the domain name itself, of course, it'll add up to the name of S3 bucket.

Now I'll leave the Record Type as "A" and enable the traffic routing to use an Alias. Clicking inside the box allows me to visually search for resources within all the relevant AWS services. I'm looking for my S3 endpoint. When I select that, a new box appears so I can narrow down my search by AWS region. As you'll remember, my bucket exists in the US East 1 region, so I'll select that. That'll open up a new S3 Endpoint box. Clicking once in that box will give me all the available buckets in that region of my account. As it turns out, there's only the MySite bucket we're working with, so I'll select that. I'm happy with the routing policy and the "evaluate health" setting, so I'll just click Create Records and I'm done.

Now we're off to the CloudFront dashboard. I'll click Create Distribution and start the ball rolling. I begin by selecting an origin domain. That means the location where my content currently exists. Once again, AWS automatically populates the field as a drop-down containing all the possible resources within my account that might be eligible. And, once again, the MySite bucket is there waiting for us. This'll work fine for us in this case. However there may be cases when connections will fail using a distribution configured this way. Instead - for some reason I can't fathom - you'll sometimes want to use the S3 endpoint rather than the automatically-generated syntax used in our example. Just something to keep in mind if you're troubleshooting problems.

Depending on where most of your users live, you can keep your costs down by restricting the active edge locations to particular subsets of the world. I'll go with North America - after all, which European, Asian, or African would seriously want to visit my silly little website? In any case, it'll still work for everyone else, it's just that it might be a bit slower.

You will want to add a CNAME value for routing. Again, this will also match the name of our S3 bucket.

Now we come to the encryption certificate - which is the primary reason we're going to all the bother of creating this CloudFront distribution. If you already had an available certificate, you'd click in the field and, just as happened with our endpoint, it would magically appear. But you probably won't happen to have a certificate lying around, so you'll click the Request Certificate link instead.

The key value you'll need to enter is the same fully qualified domain name we used for our bucket and the CNAME just before. I'm only adding a "1" to this address because, as I said, there's already a cert waiting for me. If you're configuring a www subdomain, you can add that name to the certificate here.

We won't actually get our certificate until we validate it. That can happen in one of two ways: If the DNS records for your domain are managed through Route 53 - as they are in our case - then you can select DNS validation and, later, prompted to create a validation file in your hosted zone. But in all cases, you could select Email validation and you'll be sent an email with a link you can click.

With the DNS Validation option selected, I'll click the Request button. You'll see that validation for our new request is still pending. Click that cert's link and then the "Create records in Route 53" button. Make sure your cert is selected - it's the only one in the list in this case - and then click Create records. AWS will automatically create all necessary records for you in your Route 53 hosted zone.

The site configuration is complete. It may not be pretty, but we've got ourselves a highly-available, secure, and simple site. And did I mention it was dirt cheap? Since we're only using a subdomain, Route 53 won't cost us a penny. And S3 and CloudFront charge by the volume of data that's requested. Depending on the size of your site objects, you could handle thousands of visitors for less than a dollar each month.

 

I finished! On to the next chapter