Using AWS Route53 with CloudFront
To set up an AWS Route53 domain to work with a CloudFront distribution, you'll need to perform the following steps:
- Create a CloudFront distribution. This distribution will serve your content, and you need to configure it with your origin—the location where your content is stored, which could be an S3 bucket or an HTTP server.
- Once the distribution is created and deployed, CloudFront will provide a distribution domain name (e.g., `d1234567890.cloudfront.net`). You will need to create a record set in Route53 that points to your CloudFront distribution.
- If you have a custom domain (e.g., `www.example.com`), you can create an Alias record in AWS Route53 pointing to the CloudFront distribution. This makes it possible to access your content using your custom domain via the CloudFront CDN.
Below is an example program written in TypeScript using Pulumi which demonstrates how to accomplish this. The program assumes that you already have a domain registered and a hosted zone for that domain in Route53.
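```typescript
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Replace with your existing S3 bucket that serves as the origin for CloudFront.
const s3BucketName = "your-s3-bucket-name";
const domainName = "www.example.com"; // Replace with your domain name.
// Name of the existing Route53 hosted zone that contains domainName.
const hostedZoneName = "example.com";

// CloudFront only accepts ACM certificates from us-east-1, so look the
// certificate up there regardless of the stack's default region.
const usEast1 = new aws.Provider("us-east-1", { region: "us-east-1" });
const certificate = pulumi.output(aws.acm.getCertificate({
    domain: domainName,
    types: ["AMAZON_ISSUED"],
    statuses: ["ISSUED"],
}, { provider: usEast1 }));

// Create a new CloudFront distribution.
const distribution = new aws.cloudfront.Distribution("myDistribution", {
    // ... Other CloudFront settings
    // Specify the S3 bucket origin.
    origins: [{
        domainName: `${s3BucketName}.s3.amazonaws.com`,
        originId: s3BucketName,
        // You can include other origin configuration as needed.
    }],
    enabled: true,
    defaultCacheBehavior: {
        // ... Other default cache behavior settings
        targetOriginId: s3BucketName,
        viewerProtocolPolicy: "redirect-to-https",
        // Required by the resource: methods accepted and cached, and what is forwarded.
        allowedMethods: ["GET", "HEAD"],
        cachedMethods: ["GET", "HEAD"],
        forwardedValues: { queryString: false, cookies: { forward: "none" } },
    },
    // Required by the resource; "none" applies no geographic restriction.
    restrictions: { geoRestriction: { restrictionType: "none" } },
    aliases: [domainName],
    // You can customize these certificate settings as needed.
    viewerCertificate: {
        cloudfrontDefaultCertificate: false,
        acmCertificateArn: certificate.arn,
        sslSupportMethod: "sni-only",
        // If omitted, the provider defaults to TLSv1.
        minimumProtocolVersion: "TLSv1.2_2021",
    },
});

// Look up the Route53 hosted zone by name; this assumes it already exists.
const hostedZoneId = pulumi.output(aws.route53.getZone({ name: hostedZoneName })).id;

// Create a Route53 record that points to the CloudFront distribution.
const record = new aws.route53.Record(`${domainName}-record`, {
    zoneId: hostedZoneId,
    name: domainName,
    type: "A",
    aliases: [{
        name: distribution.domainName,
        zoneId: distribution.hostedZoneId,
        // Route53 does not support health evaluation for CloudFront alias targets.
        evaluateTargetHealth: false,
    }],
});

// Export the CloudFront domain name and the Route53 record name.
export const cloudFrontDomainName = distribution.domainName;
export const route53RecordName = record.name;
```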
This program uses the `aws.cloudfront.Distribution` resource to create a CloudFront distribution with an origin that points to an S3 bucket. It redirects viewers to HTTPS and serves the custom domain with a certificate managed by ACM (AWS Certificate Manager) rather than the default CloudFront certificate.

The `aws.route53.Record` resource creates a Route53 record that points to the CloudFront distribution. If you're using a domain managed by another registrar, make sure to update the nameservers to AWS Route53's so that it can manage the DNS for your domain.

Please replace `your-s3-bucket-name` and `www.example.com` with your actual S3 bucket name and domain name. Moreover, the `acmCertificateArn` setting assumes that you have a valid AWS Certificate Manager certificate issued for your domain; CloudFront only accepts ACM certificates from the us-east-1 region. Edit the distribution settings to include other configurations like logging or cache behaviors as needed for your use case.

After deploying this program with Pulumi by running `pulumi up`, you should be able to navigate to `www.example.com` and be served content via CloudFront.

Remember to check out the respective Pulumi documentation for CloudFront Distribution and Route53 Record so you can customize the program for your specific requirements.
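An offline check of the values this program hands to CloudFront and Route53, as an added example that is not part of the original page or Pulumi's own code: it flags a certificate outside us-east-1, aliases the certificate does not cover, a record that does not match the distribution, and plain-HTTP viewing. The `DeployPlan` shape, `certCovers`, `lintPlan` and the sample values are hypothetical and constructed for illustration.

```typescript
// Added example (hypothetical shape): values the program passes to CloudFront and Route53.
interface DeployPlan {
    aliases: string[];             // distribution aliases
    viewerProtocolPolicy: string;  // defaultCacheBehavior.viewerProtocolPolicy
    certArn: string;               // viewerCertificate.acmCertificateArn
    certNames: string[];           // domain names on that certificate
    recordName: string;            // Route53 record name
    recordAliasZoneId: string;     // zoneId of the record's alias target
    evaluateTargetHealth: boolean;
}
const CLOUDFRONT_ZONE_ID = "Z2FDTNDATAQYW2"; // zone ID Route53 uses for every CloudFront alias target

// A certificate name covers a host if equal, or if "*.x" matches one extra label.
function certCovers(certName: string, host: string): boolean {
    const c = certName.toLowerCase(), h = host.toLowerCase();
    if (c === h) return true;
    if (c.slice(0, 2) !== "*.") return false;
    const dot = h.indexOf(".");
    return dot > 0 && h.slice(dot) === c.slice(1);
}

function lintPlan(p: DeployPlan): string[] {
    const findings: string[] = [];
    // ARN layout: arn:aws:acm:<region>:<account>:certificate/<id>
    const region = p.certArn.split(":")[3] || "";
    if (region !== "us-east-1")
        findings.push(`cert-region: "${region}" (CloudFront needs us-east-1)`);
    for (const alias of p.aliases)
        if (!p.certNames.some(n => certCovers(n, alias)))
            findings.push(`cert-coverage: ${alias} is not on the certificate`);
    if (!p.aliases.some(a => a.toLowerCase() === p.recordName.toLowerCase()))
        findings.push(`alias-missing: ${p.recordName} is not a distribution alias`);
    if (p.recordAliasZoneId !== CLOUDFRONT_ZONE_ID)
        findings.push("alias-zone: record does not target the CloudFront zone");
    if (p.evaluateTargetHealth)
        findings.push("target-health: must be false for CloudFront alias targets");
    if (p.viewerProtocolPolicy === "allow-all")
        findings.push("plain-http: viewers may use unencrypted HTTP");
    return findings;
}

// Constructed sample input (placeholder account and certificate IDs).
const samplePlan: DeployPlan = {
    aliases: ["www.example.com"], viewerProtocolPolicy: "redirect-to-https",
    certArn: "arn:aws:acm:eu-west-1:111122223333:certificate/EXAMPLE-ID",
    certNames: ["*.example.com"], recordName: "www.example.com",
    recordAliasZoneId: CLOUDFRONT_ZONE_ID, evaluateTargetHealth: true,
};
console.log(lintPlan(samplePlan));
```

The sample plan yields two findings, one for the certificate region and one for `evaluateTargetHealth`; a wildcard name such as `*.example.com` covers `www.example.com` but neither the apex nor deeper subdomains.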