Static Hosting with SSL on S3

Static Hosting with SSL on S3

Let's face it, resumes can often be tedious and unremarkable.

As someone who has helped recruit for numerous teams, I've come across many resumes, but none have truly impressed me with their presentation. Unfortunately, in the year 2022, resumes remain the accepted means of showcasing one's prior work experience to potential employers.

About a year ago, I wanted to take my resume online. However, I wasn't keen on paying for a hosting service to keep it online. As someone who loves serverless and has experience with AWS, I set myself some fundamental requirements and got to work.

I needed to host static content in an S3 bucket that was accessible on a custom domain name, with SSL (HTTPS) connections. Here are the steps I took to achieve this:

Step 1: Domain Name

Numerous companies sell domain names, and while your domain registration doesn't necessarily have to be done through Amazon, doing so simplifies several steps. I purchased lewislovelock.com for $15 through Route53.

Step 2: Create Custom Domain SSL Certificates

What would an online resume be without the necessary security protocols? After registering my domain in Route53, I requested a certificate from AWS Certificate Manager. I entered two different records: one to the naked domain and another prefixed with www. Once the certificate request had been initiated, I created a CNAME record for my domain's hosted zone for each of the certificate paths. I could have made this process even simpler by clicking a button and letting AWS insert the record for me.

Step 3: Setup S3 Bucket Content

Next, I created two buckets: one, lewislovelock.com, which contains all of the static content I want to host, and another, lewislovelock.com, which redirects traffic to lewislovelock.com. When creating these buckets, I had to ensure that "Block all public access" was unchecked so that the content would be visible to the public.

Once created, I uploaded my content into the primary static hosting bucket

I then went to the Properties tab of the bucket and edited the Static website hosting settings. I wanted to use this bucket to host my website, so I set the Index document to the filename of the default page (e.g., index.html). At this point, I used the Endpoint in the static hosting settings to test everything out.

0_7dmj2W0XR6SdLGPQ.png

Step 4: Create CloudFront Distributions

With my SSL certification ready, I moved on to CloudFront. For this use case, a CloudFront distribution is the connective tissue between the DNS record, SSL certificate, and my S3 bucket. The reason for all of this seemingly unnecessary complexity is that CloudFront can handle SSL connections with a custom domain, but S3 cannot (at the time of writing).

I created two separate CloudFront distributions: one specifically to handle lewislovelock.com and another to handle lewislovelock.com. I could have used just one distribution to respond to both names, but doing so would display client traffic as originating from either lewislovelock.com or lewislovelock.com depending on the original request. With the two-CF configuration, requests to the secondary domain name will flow through to the secondary S3 bucket (www.*) and then be redirected to the www-free path.

Step 5: Update Domain Zone Settings

With my CloudFront distributions up and running, the only thing left to do was to update the DNS settings in Route53 for my domain.

Step 6: Party Time

And that's it! By following these steps, you should now be able to visit my resume at lewislovelock.com and lewislovelock.com, using either HTTP or HTTPS requests, and be routed to the same.