5min Nov 08, 2021 Ayush Kumar Sharma CLOUD Views : 1610

In this blog post , we will host a static website with a custom domain name using S3 bucket and Cloudfront.

Process Involved

●    Register a custom domain on Route53
●    Creating S3 buckets
●    Store the contents in S3 bucket
●    Configuring access policy for the S3 buckets
●    Testing the domain endpoint
●    configuring DNS records
●    Testing website
●    Improving performance of the website using Cloudfront


●    As S3 doesn't serve the traffic using an HTTPS connection , we will make use of cloudfront for the domain.
●    Domain be hosted in the Route53


The following AWS services will be used for this Implementation.

●    Route 53
●    S3 Buckets
●    Cloudfront
●    AWS Certificate manager

Registration of a Domain in AWS Route 53

Host a domain using Route 53. Route 53 is a global service.

Go to Route 53, In the left Navigation pane, select Hosted Zones


Select Created Hosted Zone

In the following page , Enter a domain name - For example : and type be Public Hosted zone and press Create


Domain is successfully hosted in the Route53

Creating S3 Buckets

Make sure the bucket name is the same as the Domain name.

Let's create two S3 buckets as follows.

Bucket 1 :

Bucket 2 :

Go to S3 console, Click Create bucket
Enter the Domain name as the Bucket name


and click Create.

Create a bucket for the domain as well.


 The required s3 buckets are successfully created.


Uploading static contents to S3 bucket

Upload the website content to the S3 bucket; the bucket named will be used as the main S3 bucket.

If the customer/end user types the domain will be automatically redirected to

For testing purposes , an index.html file will be uploaded to the main bucket (

To upload the content , click Upload , add the files and then click Upload.

The file is successfully  uploaded to the main S3 bucket.

Configuring S3 Static Website Hosting

To configure static website hosting for the s3 bucket. Choose the main bucket and then click Properties,

For Static website hosting, click Edit , and choose to use this bucket to host a website.


The index document and the error document will beindex.html, and press Save.
Static web hosting is successfully configured.


Making S3 Bucket Public

For the end users to view the contents of the website, the s3 bucket should be public. By adding the S3 bucket policy we can make the s3 bucket public. For that we should let the s3 bucket accept the bucket policy.

Click Permissions tab.


All public access to the s3 bucket is blocked by default.


Click Edit, and Uncheck ACL’s and click Save.


Next step is to add the bucket policy to make the S3 bucket public. Select the main bucket and click permissions and choose Bucket policy. Add the s3 bucket policy provided below, make sure the domain name is replaced.

       "Version": "2012-10-17",
             "Sid": "AddPerm",
             "Effect": "Allow",
             "Principal": "*",
             "Action": "s3:GetObject",
             "Resource": "*"

                           Read Also: Creating EC2 Instances using Terraform

The policy will grant read-only access to all the contents in the s3 bucket to the end users.

Setup-non-www to www redirection

We need to set up a redirection from to

For which the 2nd bucket ( will be used. Open the S3 bucket and click Properties and choose Static web hosting. Choose Redirect requests and for the target bucket or domain , Enter and the Protocol be https, and then click Save.


The following bucket will be used for redirection from the non-www domain to the www domain.


Generating free SSL certificate

Setup a SSL certificate using ACM so that the website will be served using https.


To generate free SSL certificates, Go to ACM Console, Request a public certificate, select Request a certificate

Under Add domain names, Enter the FQDN (Fully Qualified Domain Name) of a domain.

For example :

Enter the domain name with the prefix *. To generate SSL certificate for all the subdomains of


Click Next, using one of the below methods the certificate request should be validated.
 ●    DNS Validation
 ●    Email Validation


Add tags to the certificate, Click Review
Click Confirm and request

If DNS Validation is selected, a CNAME record will be provided which should be added to the Route53 console.

If Email Validation is selected, ACM sends the validation email to the Domain registrant, technical contact and Administrative contact.

One of the above should reply to confirm the certification request.

Once the validation process is completed, The certificate will be Issued.


This certificate can be used with the cloudfront distribution.


Go to the Cloudfront console. 2 cloudfront distributions will be created. Click Create Distribution


And select Web as the delivery method.
Under Origin Settings , enter the endpoint of the S3 bucket's static web hosting of the main S3 bucket i.e

Go to S3 console , Click the bucket and choose Properties
Under Static website hosting , You can get the static website hosting endpoint. Copy the endpoint without http.

Go to the cloudfront console and paste the copied endpoint for origin domain name
For the Viewer protocol policy , Choose Redirect HTTP to HTTPS


For Alternate Domain name (CNAMEs) , Enter the domain name which is
For an SSL Certificate , Choose the SSL certificate that was created before. Make sure the certificate is generated in the N.Virginia region.


And at last Click Create distribution.

Following the same procedure create a distribution for
The static website hosting should look like (without www)
Make sure the Viewer Protocol policy is Redirect HTTP to HTTPS


For Alternate Domain name (CNAMEs), type

Choose the SSL certificate from ACM and Click Create distribution

Adding DNS Records

Go to the Route53 console.

The DNS records should be created as follows.
●    Create A record pointing to the cloudfront distribution of


●    Create A record for pointing to the cloudfront distribution of


Alternate Method of Above Implementation

With the help of one s3 bucket , We can host the static website hosting using S3 bucket and cloudfront distribution.

1.    Create a S3 bucket and upload the website contents
2.    Create free ssl certificate using ACM
3.    Create cloudfront distribution with the s3 origin
4.    Restrict bucket access should be Yes
5.    Grant Read Permissions on Bucket : Yes, Update Bucket Policy
6.    Viewer Protocol Policy- Redirect HTTP to HTTPS
7.    Alternate domain names (CNAMES) –
8.    Apply the SSL certificate
9.    The Default Root object be index.html
10.   After the deployment of cloudfront distribution , Add the DNS A records pointing to cloudfront distribution alias to
11.    Add CNAME record for pointing to


We have implemented static website hosting using AWS services such as S3 bucket , cloudfront , ACM.
We have also configured https secure connection with the redirection from non-www domain to www domains.