Is there a way to point an AWS Cloudfront instance to my own personal web server not hosted in AWS. So it's not an EC2 or a ELB instance. It's a custom web server hosted with another host. Is this possible? I can't seem to configure this an origin?
Yes, You can do that. When creating distribution, In the Origin Settings section specify your domain as the "Origin".
Suppose you want make CloudFront for example.com Do the following steps:
1) Create a subdomain for your application us.example.com
2) Create distribution with the Origin to us.example.com it will give you a domain name like this d2uhnp5egk65ug.cloudfront.net
3) adjust settings for your naked domain to point to your cloud front distribution d2uhnp5egk65ug.cloudfront.net.
Now by using CNAME example.com can point to distribution d2uhnp5egk65ug.cloudfront.net that might have multiple origins in the backend like "us.example.com" and "uk.example.com"
Related
My current website (single page app with CORS + API) is deployed on AWS EC2 instance and is served via ALB (mostly for easier setup of HTTPS as I only have one region covered now). The web server is configured to serve the single page application but that's all it is doing regarding frontend. I want to move the single page application to S3 instead and so completely separate the backend from the frontend. The question is, what would be the most efficient way to do it with regards to AWS setup? I can come up with the following:
point the domain at the S3 instance to serve frontend files, point API calls to ALB public DNS address
keep the domain pointed at the ELB as it is, route port 80 & 443 to S3, change API port and route that port to EC2
...
Any help appreciated.
If you're trying to completely separate the infrastructure for frontend and backend but keep the same domain you could make use of CloudFront.
In CloudFront you would create 2 origins within your distribution:
The default origin would be the S3 static website.
Then an additional origin which would point to the original ALB.
You would configure the behaviours of this CloudFront distribution so that when a path matches a specific pattern i.e. api/* it would forward traffic to the ELB. If it does not match this it would default to your S3 bucket.
Take a look at the Can I use a single CloudFront web distribution to serve content from multiple origins using multiple behaviors? article which covers a similar behaviour to what I have outlined.
I did a search in the aws docs and couldn't find anything that could help me to setup a cloudfront distribution for a non aws origin server to secure my domain with https. I'm using route 53 to manage my dns for the domain, I'd like to setup https for the domain but it is not hosted with aws. How can I use aws to create a secure domain with https?
Update: I've created the cloudfront distribution and set the alternative cnames to the domain (example.com and www.example.com). In Route 53 I updated the A record for the domain - example.com - to be an alias and pointed it to the cloudfront distribution, but when I try to access the site I get page not working error. The domain does now have he secure padlock, but I can't access the site. Here is the error that I get when I access the site:
The simplest way is to use a CloudFront distribution in front of your non AWS endpoint. This endpoint would be configured as a custom origin endpoint.
You would need to generate or upload a certificate to ACM to attach to the resource. This must be done before you can use the distribution on your own domain, if you don't have it when you create the distribution you will need to edit it later.
The AWS documentation includes documentation for Creating a Distribution. If you follow this and reference your endpoint as the custom origin you will be able to create the host.
You will need to ensure you configure the Origins Origin Protocol Policy option to be HTTP Only if your host does not have a HTTPS certificate.
Be aware that as the CloudFront distribution communicates with your endpoint over the internet, any traffic between CloudFront and your endpoint will still not be encrypted.
First time here but have used help from here a lot.
I managed to find some answers from this thread
Cloudfront and EC2
But as it is mentioned in answer, this issue is happening for me
“Be sure, when you connect through CloudFront, that the server doesn't redirect you back to the EC2 hostname or IP (the address bar in the browser will change, if it does, and you'll want to fix your web server's config if that happens).”
So for this do I need to change anything on httpd.conf?
Or ec2’s firewall? I am using amazon AMI with LAMP
Thanks
Pramit
It means that when your application points to another page in the app (eg index.html pointing to about.html), you should use relative references (/about.html rather than http://1.2.3.4/about.html).
This way, traffic coming in through CloudFront will continue to come in through CloudFront rather than be redirected elsewhere.
Update:
Let's say your configuration is:
A single Amazon EC2 instance with an Elastic IP address
A CloudFront distribution
Your own domain name that you'd like to point to CloudFront
In this case, you would:
Configure a CNAME record (eg www.example.com) on your Domain (on Route 53 or your DNS provider) to point to the CloudFront distribution URL
Configure Alternate Domain Names (CNAMEs) in CloudFront with your CNAME (www.example.com) -- this is so that it knows what domain name is being used to send requests to CloudFront
Set origin to the Elastic IP address of your EC2 instance -- this is where CloudFront obtains the information that it should cache and serve
If you want CloudFront to fetch data from a sub-path (sub-directory) of the origin, then set origin path to that path. For example, you might want to serve content from /dev or /prod.
See: Values That You Specify When You Create or Update a Web Distribution - Amazon CloudFront
So, I've used things like Route 53 before. I have a project now where there will be a website that is served over static pages but uses Javascript to hit an API. The static pages are stored in S3 cached behind cloudfront, the api is an API gateway tied to some backend logic.
How can I make it so www.site.com points to the cloudfront-attached S3 instances, but www.site.com/api/ redirects to my api? Is this even possible?
It's not possible to do that using DNS.
Instead, you can use CloudFront to front both: the S3 bucket and the API.
Create a CloudFront distribution.
Set it's alias to www.site.com
Create one "behaviour" for /api and have it use an origin pointing to your API.
Have a second (default) behaviour for everything else and have it use an origin pointing to your S3 bucket.
Finally, use Route53 point www.site.com to your CloudFront distribution.
If instead of www.site.com/api you used api.site.com or some similar subdomain, you wouldn't need to point a CF distribution at the APIGW API.
APIGW is already fronted by a CF distribution; the Custom Domain Name feature allows you to import an SSL Cert which is attached to the existing CF distribution. Then APIGW provides the domain name of the CF distribution so you can configure a subdomain record like api.site.com to point at it.
http://docs.aws.amazon.com/apigateway/latest/developerguide/how-to-custom-domains.html
Yes you can do this in AWS.
Create a CloudFront distribution, point your domain to CloudFront in Route53.
In the newly created distribution, locate the Origins tab, select Create Origin. Add a path /api, point it to API Gateway / an ELB / an EC2.
Then create another origin, add the path /cdn, point it to an s3 bucket.
Based on this issue CAS server cross subdomain ST ticket I'm thinking about changing of my applications urls.
I have two applications on the following subdomains
https://ui.example.com - static AngularJS application(JavaScript, HTML) hosted on Amazon S3
https://api.example.com - Java Spring application hosted on Amazon EC2 instances (for Tomcat) with Elastic Load Balancing that distributes incoming application traffic across multiple Amazon EC2.
Right now I need to change urls of my applications to the following:
https://ui.example.com
https://ui.example.com/api
In other words I need to make api.example.com application available as /api subfolder of my ui.example.com domain.
How it can be configured with AWS ? Where at AWS I need to make an appropriate changes and configuration ?
You could setup an Nginx proxy in front of both servers, mapping the root path to S3 and the /api path to your EC2 instance. Or you could set up a CloudFront distribution (or use another CDN like CloudFlare) and map the different paths to different origin servers.
In general you have to put a proxy in front of all the servers sharing a domain name.