https-static-site-cloudformation

Cloudformation template for provisioning everything needed for a HTTPS static site

What

This repository contains a Cloudformation template and a script for provisioning:

• AWS::S3::Bucket
• AWS::S3:BucketPolicy
• AWS::CertificateManager::Certificate
• AWS::CloudFront::Distribution
• AWS::Route53::HostedZone
• AWS::Route53::RecordSetGroup

It can be used to provision a Cloudformation stack which serves a static site from a custom domain with HTTPS.

For more details on what is this script is, you can read the blog post I wrote about it

How

Synopsis

./provision <root-domain-name> [<custom-bucket-name>]

Prerequisites

• You'll need the aws-cli installed to run the provision script.
• You'll need access to the AWS console to validate the TLS certificate.

Usage

Note: You'll have to do some manual steps in the AWS console while the certificate is provisioning

1. Run the provision script with the domain name you're using for your static site.
   • For example, the domain name you're using is example.com, run ./provision "example.com"
   • You can optionally pass a second argument if you want a custom bucket name., e.g ./provision "example.com" "example.com-bucket"
2. Open the AWS console and go to the Certificate Manager service
3. Identify the new certificate that is being provisioned by Cloudformation (the status should be Pending validation), and expand the section
4. In the Domains section, you will be able to expand each domain and click the Create record in Route53 button.
5. It can take some time for the DNS record to propogate, but the Certificate should now be able to verify the domain.
6. Wait for the script to finish (it might take a while).