AWS replace EC2 with CloudFront - amazon-web-services

I have a domain dev-www.myexample.de hosted via AWS EC2 and a Load Balancer. I want to replace this configuration with an S3 bucket + CloudFront and keep the same domain name.
The only possible way I could find was destroying my EC2 instance and Route 53 and then deploying my CloudFront and domain, and this works fine.
However, I want to show a 503 page for all traffic that comes while my EC2 instance is down and before my CloudFront and S3 bucket are ready to use. Any idea how I can do that?

You can create your Amazon S3 bucket and Amazon CloudFront distribution before changing the DNS configuration. This gives you an opportunity to ensure that it is working correctly.
Then, you can change the Route 53 configuration to point to CloudFront instead of the Load Balancer. It will take some time for this change to propagate throughout the Internet, during which cached queries will continue to go to the Load Balancer but new DNS lookups will go to CloudFront. If you have the same content in both locations, there should not be a need to display any notice.
Please note that only static content can be served from Amazon S3, so if you had any back-end logic in your Amazon EC2 servers, it would not be possible to continue providing it with CloudFront + S3.

Related

Should I set two different CloudFront distributions for ELB and AWS S3?

I have a website hosted on AWS Elastic Beanstalk, and the images on my website are stored in and fetched from an S3 bucket.
I want to set up AWS CloudFront distributions for the website.
My question is, do I set up two different distributions for the elastic load balancer and the S3 bucket that my images are fetched from?
Or, if I set up a distribution for only the load balancer, will the images on my website be automatically cached for future use?

Just one CloudFront distribution will suffice. Use this manual by AWS: https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-distribution-serve-content/

How can I use CloudFront with multiple Beanstalk environments?

Right now I have an app that runs on several Beanstalk environments in different regions and uses Route53 geolocation records for routing.
I want to use CloudFront for these environments.
Can I create a CloudFront for each environment and route to them with Route53? Or can I create a single CloudFront and connect all of the Beanstalks to it? Do I have to use CloudFront Lambda to do something like this?

Can I create a CloudFront for each environment and route to them with Route53?
CloudFront and Route53 don't relate to each other.
Route53 gives the URL of an application (deployed to Beanstalk in this case) to end users. When users open this URL, they will see something rendered. This something uses resources. These resources can be stored in the CloudFront CDN or can be stored in your application.
You can see that Route53 doesn't collaborate with CloudFront here.

AWS - Hosting Elastic Beanstalk + S3 behind ELB

I have an Elastic Beanstalk instance serving a backend app running natively HTTP and an Angular app hosted on an S3 instance.
Now, I would like to put these on a single domain www.example.com, behind an SSL-protected Load Balancer which will route the request internally by the URI, either to the backend (/api/) or the Angular app (/). For this I set up a Route53 DNS which I wired to the LB.
I don't see an option to route directly from the LB to the S3 instance though. I've read that I should create a CloudFront distribution for the Angular app and specify the LB as the origin, but after configuring the CF distro, I don't see any option inside of the LB to connect it to the Angular app. How should I approach it?

Routing should be handled on CloudFront, not on the load balancer, in this case. You can create multiple behaviors in CloudFront, each pointing to a different origin. So you can choose the default CloudFront behavior (*) to point to your S3 bucket and create a second behavior, used whenever the URL contains /api, to point to your load balancer origin.

ELB and CloudFront: Can I keep some folders on CloudFront and others on EC2?

I have a load balancer which balances some EC2 instances. The three major instances are:
www.domain.com/blog – LAMP. This is on EC2 and I want to keep it there
www.domain.com/forum – LAMP. This is on EC2 and I want to keep it there
www.domain.com – Windows. Everything else I can move to CloudFront
Due to budgetary constraints I want to keep the blog and forums on EC2.
Can I keep the load balancer (with my DNS provider) in front of CloudFront, which will help me
keep redirecting the forum and blog requests to EC2 instances and
direct all other requests to CloudFront?
The load balancer currently successfully directs users between various EC2 instances, some on Linux and some on the Windows platform.
Setup I need:
Load balancer checks request type:
If the URL contains /forum, direct them to EC2
If the URL contains /blog, direct them to EC2
If the URL does not contain either, direct them to CloudFront
Forum is XenForo
Blog is WordPress

How to stop AWS WAF being bypassed by accessing Elastic Beanstalk instance directly

I have currently got an Elastic Beanstalk web app within a VPC which I'd like to put behind a WAF. In order to do this I've added CloudFront with the WAF looking at that. For security I've enabled access to the Elastic Beanstalk app only from the AWS CloudFront IP addresses, which I have done using security groups (auto-updating when these IP addresses change).
However, what is to stop someone else adding my EB app web address to their own CloudFront instance? Would this bypass my IP address limitations on the VPC security group and give them access without going through my WAF?

I think what might help here is to add some secret custom header in your CloudFront distribution (http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html), and make your origin check for the presence of the header. This will ensure that only your distribution can get data from your origin server.
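
One way the origin could enforce the header check described in the answer above, shown as a Python WSGI middleware. This is an added example, not part of the original answer; the header name `X-Origin-Verify`, the class and helper names, and the sample secrets are assumptions made for illustration.

```python
import hmac

# Assumed header name: the CloudFront distribution is configured to add it
# to every request it forwards to the origin.
ORIGIN_HEADER = "X-Origin-Verify"
WSGI_KEY = "HTTP_" + ORIGIN_HEADER.upper().replace("-", "_")


class OriginSecretMiddleware:
    """Serve a request only if it carries a secret that your distribution adds."""

    def __init__(self, app, secrets):
        # Several values are accepted so the secret can be rotated: add the new
        # value here, switch CloudFront to it, then drop the old value.
        self.app = app
        self.secrets = [s.encode() for s in secrets if s]
        if not self.secrets:
            raise ValueError("at least one non-empty secret is required")

    def is_trusted(self, environ):
        presented = environ.get(WSGI_KEY, "").encode("latin-1", "replace")
        trusted = False
        for secret in self.secrets:
            # Constant-time comparison; every candidate is always checked.
            trusted |= hmac.compare_digest(presented, secret)
        return trusted

    def __call__(self, environ, start_response):
        if not self.is_trusted(environ):
            # Another CloudFront distribution pointed at this origin passes the
            # IP allow-list but cannot supply the header value.
            start_response("403 Forbidden", [("Content-Type", "text/plain")])
            return [b"Forbidden\n"]
        return self.app(environ, start_response)


def demo_app(environ, start_response):
    # Stand-in for the real application (constructed for this example).
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [b"hello from origin\n"]


def probe(app, headers=None):
    """Call a WSGI app with constructed request headers; return its status line."""
    environ = {"REQUEST_METHOD": "GET", "PATH_INFO": "/"}
    for name, value in (headers or {}).items():
        environ["HTTP_" + name.upper().replace("-", "_")] = value
    seen = []
    app(environ, lambda status, response_headers: seen.append(status))
    return seen[0]
```

In a deployment the secret values would be loaded from the environment or a secrets store rather than hard-coded, and the CloudFront-to-origin connection should use HTTPS so the header is not exposed in transit.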