amazon-web-services amazon-cloudfront amazon-route53

Unable to configure the Route53 to point to CloudFront Distribution for the static website hosted on S3


I am trying to deploy my static website to S3 configuring CloudFront in front of it. But I am not able to configure Route53 to integrate with CloudFront. Below is what I have done so far.

I created an S3 bucket, enabling static hosting and allowing public access. Then I deployed/uploaded the files. I can access my website through the S3 static website URL, http://www.waiyanhein.com.s3-website-eu-west-1.amazonaws.com/.

I have my own domain called waiyanhein.com.

I am trying to configure CloudFront in front of my static website. So I created a CloudFront distribution. For the Origin Domain Name, I chose the S3 bucket's static website URL. Then I chose "Compress Objects Automatically" as YES. In the "Alternate Domain Names (CNAMEs)" text field, I entered "waiyanhein.com". Then I created the CloudFront distribution. Now my CloudFront distribution is up and running.

Then I tried to configure Route53 to point to the CloudFront distribution. I tried creating a record, choosing the "Alias to CloudFront distribution" option. But I can't find my CloudFront distribution in the resources, as you can see in the screenshot below.


What's wrong with my configuration?

I have sort of found out something in the CloudFront distribution too. When I edit the CloudFront distribution, the Alternative domains field is empty for some reason. Then I entered the domains and clicked save. Then I got the following error.

com.amazonaws.services.cloudfront.model.InvalidViewerCertificateException: To add an alternate domain name (CNAME) to a CloudFront distribution, you must attach a trusted certificate that validates your authorization to use the domain name. For more details, see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate; Request ID: 2d1bacd5-794c-46e5-beec-70b24fab83a6; Proxy: null)



Solution

If it does not appear automatically in the dropdown, then AWS would be filtering this, as it believes that the exact domain you intend to use is not usable for any CloudFront distributions in the account.

Please check the following are correct:

  • The exact record is covered by the alternative name(s) attached to the CloudFront distribution.
  • The CloudFront distribution is finished rolling out.

From the interface for the Alias value you should be able to paste the CloudFront domain name with a trailing ".", although in this new interface certain actions do not currently appear to work. If this is the case for you, revert back to the original interface by clicking on the "Switch to old console" link on the left-hand side of the screen and attempt from here.

Additional Comments

The screenshot indicates that an alternative domain that is being specified does not have a matching ACM certificate in us-east-1 which is attached to your CloudFront distribution.

If you do not have one, generate a new one, then attach it to your CloudFront distribution when you add the alternative domain name.
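The checks from the answer above, as an added example that is not part of the original answer: a small Python pre-flight that lists why a record name cannot be aliased to a distribution. It assumes inputs shaped like the boto3 `get_distribution` and `describe_certificate` responses; `covers`, `alias_blockers` and all sample values are hypothetical names and constructed data.

```python
# Added example: inputs follow the shapes boto3 returns from
# cloudfront.get_distribution() and acm.describe_certificate().

def covers(pattern, name):
    """True if `pattern` (exact name or leftmost-label wildcard) covers `name`."""
    pattern, name = pattern.lower().rstrip("."), name.lower().rstrip(".")
    if pattern.startswith("*."):
        # Assumption: the wildcard stands for exactly one label, so
        # *.example.com covers www.example.com but not example.com.
        head, _, tail = name.partition(".")
        return bool(head) and tail == pattern[2:]
    return pattern == name

def alias_blockers(record_name, distribution, certificate=None):
    """Return the reasons `record_name` cannot alias to this distribution."""
    problems = []
    dist = distribution["Distribution"]
    config = dist["DistributionConfig"]
    aliases = config.get("Aliases", {}).get("Items", [])
    if dist["Status"] != "Deployed":
        problems.append("distribution has not finished rolling out")
    if not any(covers(a, record_name) for a in aliases):
        problems.append("record is not covered by an alternate domain name")
    arn = config.get("ViewerCertificate", {}).get("ACMCertificateArn")
    if not arn:
        problems.append("no ACM certificate attached to the distribution")
    else:
        if arn.split(":")[3] != "us-east-1":  # region field of the ARN
            problems.append("certificate is not in us-east-1")
        cert = (certificate or {}).get("Certificate", {})
        sans = cert.get("SubjectAlternativeNames", [])
        if not any(covers(s, record_name) for s in sans):
            problems.append("certificate does not cover the record name")
    return problems

# Constructed sample data: a deployed distribution whose alternate domain
# name did not save (the state in the question), then the repaired state.
BROKEN = {"Distribution": {"Status": "Deployed", "DistributionConfig": {
    "Aliases": {"Quantity": 0},
    "ViewerCertificate": {"CloudFrontDefaultCertificate": True}}}}
FIXED = {"Distribution": {"Status": "Deployed", "DistributionConfig": {
    "Aliases": {"Quantity": 1, "Items": ["example.com"]},
    "ViewerCertificate": {"ACMCertificateArn":
        "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE"}}}}
CERT = {"Certificate": {"SubjectAlternativeNames": ["example.com", "*.example.com"]}}

if __name__ == "__main__":
    for label, dist in (("before", BROKEN), ("after", FIXED)):
        print(label, alias_blockers("example.com.", dist, CERT) or "ok")
```

An empty list means the Route53 alias target should be selectable; the trailing dot on the record name is accepted and ignored.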