Point non www domain to existing cloudfront distribution - amazon-s3

I'm using AWS S3 and Cloudfront to host a website (e.g. www.company.com). I want to additionally have the naked domain (without the www) point to the same content. I initially created a redirect in DNS but https://company.com didn't work.
I can create an apex record for the naked domain in the DNS but can I point it to the same cloudfront CNAME used for the www.company.com or do I have to create a new S3 bucket and new cloudfront distribution?

S3 to CloudFront Distribution
Create two CloudFront distributions
Request certificates from AWS Certificate Manager
Create CNAME with Route 53 and point the alias target to the respective distributions
Create Origin in both distributions pointing to that S3 bucket
Hope it helps.

Another solution using only one Cloudfront distribution, if redirecting company.com to www.company.com is acceptable (usually it's preferred).
Create an S3 bucket named company.com
Configure the bucket for static website hosting. Choose "Redirect requests for an object" and enter www.company.com.
Update your DNS A record to point to the bucket.

Related

How to use CloudFront and S3 with alternate domain?

Let's say I have an S3 bucket named example.com and I want to serve its content through CloudFront using an alternate domain example.com.
I've added a CNAME record to direct example.com to the CloudFront endpoint, and secured the domain using an AWS SSL Certificate.
In CloudFront, when I go to select the Origin, it shows my bucket. For example: example.com.s3.amazonaws.com
If I choose this origin, and I browse to https://example.com/my-bucket-item.jpg, I get redirected to https://example.com.s3-us-east-2.amazonaws.com/my-bucket-item.jpg and a "Connection not secure" SSL error appears.
If I set the origin to just the domain example.com then I get a 403 Bad Request error from CloudFront.
From what I understand, my bucket has to share the name of my domain, otherwise I get a "bucket does not exist" error.
I've followed the AWS documentation on this. What am I doing wrong here?
Update
I successfully got CloudFront to recognize my alternate domain by changing my origin policy to Managed-CORS-S3Origin.
New problem: even though I've selected 'Yes' to 'Restrict Bucket Access', I'm still able to access files via the S3 url. Do I need to turn off public access to my bucket? If I do this, it seems to override my CloudFront policy...
I had to change my origin request policy to Managed-CORS-S3Origin - this solved the general problem for me.
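The symptom in the update above (objects still readable through the S3 URL after restricting bucket access) can occur when a public-read statement stays in the bucket policy next to the CloudFront grant. The following check is an added example, not code from the original posts; the sample policies, bucket name and OAI id are constructed placeholders, and it inspects only the policy document, not object ACLs or Block Public Access settings.

```python
from fnmatch import fnmatchcase

OAI_PREFIX = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity "

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _principals(stmt):
    """Flatten a statement's Principal element into a set of strings."""
    principal = stmt.get("Principal", {})
    if isinstance(principal, str):
        return {principal}
    return {p for values in principal.values() for p in _as_list(values)}

def audit_bucket_policy(policy):
    """Classify every Allow statement that grants s3:GetObject; returns [(sid, finding)]."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if stmt.get("Effect") != "Allow" or not any(fnmatchcase("s3:getobject", a) for a in actions):
            continue
        principals, cond = _principals(stmt), stmt.get("Condition", {})
        if "*" in principals:
            finding = "public-read" if not cond else "wildcard-principal-with-condition"
        elif principals and all(p.startswith(OAI_PREFIX) for p in principals):
            finding = "cloudfront-oai"
        elif principals == {"cloudfront.amazonaws.com"}:
            # A service-principal grant should be pinned to one distribution via AWS:SourceArn.
            scoped = any(k.lower() == "aws:sourcearn" for op in cond.values() for k in op)
            finding = "cloudfront-oac" if scoped else "cloudfront-service-unscoped"
        else:
            finding = "other-principal"
        findings.append((stmt.get("Sid", f"statement-{i}"), finding))
    return findings

def is_cloudfront_only(policy):
    """True when every object-read grant goes to a CloudFront identity."""
    findings = audit_bucket_policy(policy)
    return bool(findings) and all(f in ("cloudfront-oai", "cloudfront-oac") for _, f in findings)

# Constructed sample policies; bucket name and OAI id are placeholders.
RESOURCE = "arn:aws:s3:::example.com/*"
MIXED_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": RESOURCE},
    {"Sid": "CloudFrontRead", "Effect": "Allow",
     "Principal": {"AWS": OAI_PREFIX + "E2EXAMPLEOAI"},
     "Action": "s3:GetObject", "Resource": RESOURCE}]}
LOCKED_POLICY = {"Version": "2012-10-17", "Statement": [MIXED_POLICY["Statement"][1]]}
```

`MIXED_POLICY` is the case where the S3 URL keeps working: the CloudFront statement was added, but the earlier public grant was never removed.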

How to force CloudFront CName to handle non-www requests?

I'm new to CloudFront and was wondering how to force it to redirect. In Apache it's just through Virtual Host, but with CloudFront, I'm confused how to do it.
Here is my scenario
NameCheap
CNAME | www | random12345.cloudfront.net (where my site files are)
AWS
ACM - requirement for CloudFront for custom SSL (N.Virginia)
Domain Name: sample.com
Additional Domain Name(s): *.sample.com
CloudFront Distribution
Domain Name: random12345.cloudfront.net
CName: sample.com
*.sample.com
Result
WORKED: https://www.sample.com | www.sample.com
NOT WORKING: sample.com | https://sample.com | http://sample.com
Typing these in the search bar results in the error: This site can’t be reached sample.com’s server IP address could not be found. DNS_PROBE_FINISHED_NXDOMAIN
I attempted to create an S3 bucket to force redirect to https://www.sample.com
but can't create since CNAME www.sample.com is already used for the CloudFront Distribution. Can't use # in CNAME since it is not recommended on root configuration due to its effect on MX records
Thanks a lot.
You have to follow these steps to redirect the non-www domain to www:
Note: the www.example.com bucket should have the code, and example.com will be an empty bucket with only the configuration mentioned below.
Create the example.com S3 bucket.
Go to the S3 bucket properties -> Static website hosting, then select Redirect requests and add www.example.com as the value.
Set the bucket policy and CORS the same as for the www.example.com bucket.
Create a CloudFront distribution for example.com; use example.com.s3-website-us-east-1.amazonaws.com as the origin, not the one the selection dropdown gives.
Select your *.example.com ACM certificate for HTTPS.
Then create a Route 53 entry for example.com as an A record and select the respective CloudFront origin for example.com.
This domain is transferred to AWS; if you don't want the full NS record, then only move the A record to AWS.
Then you are done.

Is there any configurations needed to my route 53 service when adding an SSL to my cloud front distribution?

I have built a git-backed static site that lives in an S3 bucket and is updated with a Code Pipeline. The site is fully hosted on AWS. The Route 53 name servers point to the S3 bucket, but I have recently created a Cloudfront distribution that points to the S3 bucket so I am able to have an SSL certificate. The problem is, I believe, that when you go to the site's URL it still points to the S3 bucket and not the Cloudfront distribution. Could this be due to a Route 53 config issue?
The SSL certificates in ACM are active and hosted in US East (N. Virginia) and have been added as the custom SSL certificate in the Cloudfront distribution.
The Cloudfront distribution origin is the S3 bucket, "domainname.s3.amazonaws.com" (there are two distributions, one for domainname.com and one for www.domainname.com, pointing to each bucket respectively).
I know a common fix for this is to wait for Cloudfront to find the bucket, and so I have waited 24 hours before asking the question.
If there is any more information I need to provide, please let me know. I have tried to provide as much as possible, but there is something I am probably overlooking.
Seems like you have to update your Route53 configuration.
As the docs say:
If you want to use your own domain name, use Amazon Route 53 to create
an alias record that points to your CloudFront distribution. An alias
record is a Route 53 extension to DNS. It's similar to a CNAME record,
but you can create an alias record both for the root domain, such as
example.com, and for subdomains, such as www.example.com. (You can
create CNAME records only for subdomains.) When Route 53 receives a
DNS query that matches the name and type of an alias record, Route 53
responds with the domain name that is associated with your
distribution.
You can also check your domain with nslookup or dig and see what the domain resolves to; that way you can confirm whether it is pointing to your CloudFront distribution:
nslookup yourdomain.com
The result of the dig / nslookup should show you something like:
<hash>.cloudfront.net. and that resolving to multiple IP addresses
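The check described in this answer, automated over `dig +noall +answer` output, as an added example that is not part of the original answer. The sample outputs are constructed (host names reuse the placeholders from this page, addresses come from the 192.0.2.0/24 documentation range), and the category names are this example's own.

```python
import re

# Matches S3 REST and website endpoints such as <bucket>.s3-website-us-east-1.amazonaws.com.
S3_NAME = re.compile(r"(^|\.)s3[.-][a-z0-9.-]*amazonaws\.com\.$")

def parse_answers(dig_output):
    """Parse `dig +noall +answer` lines into (name, type, rdata) tuples."""
    records = []
    for line in dig_output.splitlines():
        fields = line.split()
        if len(fields) >= 5 and not line.startswith(";") and fields[2] == "IN":
            records.append((fields[0].lower(), fields[3], fields[4].lower()))
    return records

def classify_target(qname, dig_output):
    """Follow the CNAME chain for qname and report which endpoint it lands on."""
    records = parse_answers(dig_output)
    if not records:
        return "no-answer"  # nothing resolves, e.g. the NXDOMAIN case
    cnames = {name: rdata for name, rtype, rdata in records if rtype == "CNAME"}
    chain = [qname.lower().rstrip(".") + "."]
    while chain[-1] in cnames and cnames[chain[-1]] not in chain:
        chain.append(cnames[chain[-1]])
    if any(name.endswith(".cloudfront.net.") for name in chain):
        return "cloudfront"
    if any(S3_NAME.search(name) for name in chain):
        return "s3"
    has_addr = any(name == chain[-1] and rtype in ("A", "AAAA")
                   for name, rtype, _ in records)
    if len(chain) == 1 and has_addr:
        # Only addresses came back for the queried name (a Route 53 alias record
        # answers this way), so the names alone cannot identify the target.
        return "address-only"
    return "other"

# Constructed sample answers.
CLOUDFRONT_ANSWER = """\
www.sample.com.             300 IN CNAME random12345.cloudfront.net.
random12345.cloudfront.net. 60  IN A     192.0.2.10
random12345.cloudfront.net. 60  IN A     192.0.2.11
"""
S3_ANSWER = """\
www.domainname.com. 300 IN CNAME www.domainname.com.s3-website-us-east-1.amazonaws.com.
www.domainname.com.s3-website-us-east-1.amazonaws.com. 5 IN A 192.0.2.30
"""
ADDRESS_ONLY_ANSWER = "sample.com. 60 IN A 192.0.2.20\n"
```

For an `address-only` result, compare the returned addresses with those of the distribution's own `cloudfront.net` name, or inspect the HTTPS response headers, to tell the two targets apart.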

AWS Route 53, naked domain automatically routes to www

I have hosted a static website on S3, with Cloudfront distribution using the "Hosting a static website" quick start option on AWS.
I added an A record (alias) to the cloudfront distribution for the apex, and added another A record (alias) to the same distribution for the www subdomain.
soyou.co redirects to www.soyou.co and fails with an error. The cloudfront distribution url works fine. I purchased the domain in Godaddy, and added the Amazon Name Server (NS) records in Godaddy.
Where could I be wrong? Thanks in advance.
For the www subdomain you need to add a CNAME record pointing to your domain name. Delete the A record alias for the subdomain.

Map multiple subdomains on a single cloudfront instance to multiple s3 buckets

I am trying to map multiple subdomains on a single CloudFront instance to multiple S3 buckets. For example, I have two subdomains, www.foo.com and www.bar.com, which have CNAME entries in the DNS zone files pointing to the CloudFront instance (xyz.cloudfront.net). In CloudFront I have added both www.foo.com and www.bar.com to the alternate CNAMEs. I have also created two S3 buckets, which are added as origins to the CloudFront instance, for example s3.foo-amazon.com and s3.bar-amazon.com. Now how do I make sure that for www.bar.com content from s3.bar-amazon.com is requested and for www.foo.com content from s3.foo-amazon.com is requested?
I think you should create separate CloudFront distributions. Each will have one CNAME and one origin pointing to the correct S3 bucket.