Now that we have our CloudFront distribution live, let's set up our domain with it. You can purchase a domain right from the AWS Console by heading to the Route 53 section in the list of services.
Purchase a Domain with Route 53
Type in your domain in the Register domain section and click Check.
After checking its availability, click Add to cart.
And hit Continue at the bottom of the page.
Fill in your contact details and hit Continue once again.
Finally, review your details and confirm the purchase by hitting Complete Purchase.
Now that we have our domain, let's add a layer of security to it by switching to HTTPS. AWS makes this fairly easy to do, thanks to Certificate Manager. The SSL Certificate is required for configuring your domain as an alternative name on your CloudFront distribution.
Request a Certificate
Select Certificate Manager from the list of services in your AWS Console. Ensure that you are in the US East (N. Virginia) region. This is because a certificate needs to be from this region for it to work with CloudFront.
If this is your first certificate, you'll need to hit Get started. If not then hit Request a certificate from the top.
And type in the name of our domain. Hit Add another name to this certificate and add our www version of our domain as well. Hit Review and request once you are done.
Now to confirm that we control the domain, select the DNS validation method and hit Review.
On the validation screen expand the two domains we are trying to validate.
Since we control the domain through Route 53, we can directly create the DNS record through here by hitting Create record in Route 53.
And confirm that you want the record to be created by hitting Create.
Also, make sure to do this for the other domain.
The process of creating a DNS record and validating it can take around 30 minutes.
Next, we'll associate this certificate with our CloudFront Distributions.
You can do this step also with cloudformation yet this requires you to manually validate the domain ownership. Alternatively you can implement a custom resource. For the sake o bootstraping we will do this step manually and verify the domain through email for the first time. Add the following to your could formation Stack
DomainCertificate:Type: AWS::CertificateManager::CertificateProperties:DomainName: "d10l.de"SubjectAlternativeNames: ["www.d10l.de", "*.d10l.de"]ValidationMethod: DNS
After the stack has started check the log and create the DNS entry in Route53 to validate the domain.
Next, we'll add an alternate domain name for our CloudFront Distribution.