DNS + TLS setup

Route 53 hosts the domain. A record points to CloudFront distribution. ACM issues + auto-rotates the TLS cert.

Advertisement

DNS + TLS setup

Route 53 hosts the domain. A record points to CloudFront distribution. ACM issues + auto-rotates the TLS cert.

Advertisement

CloudFront handles requests

Terminates TLS. Serves from cache if hit. Cache miss → fetch from S3. Returns to user with cache TTL.

S3 as origin

Files uploaded to bucket. CloudFront authenticates via Origin Access Control (bucket is private). Direct access blocked.

CloudFront Function for pretty URLs

Rewrites /blog//blog/index.html. Runs at every edge. Sub-millisecond overhead.

Deployment pipeline

Git push → CI runs → aws s3 sync uploads changed files → CloudFront invalidation clears cache for updated paths.