Hosting an SSL static web page as a subdomain in AWS

Jumping right into what we are going to do here,

  • Host the offline page in AWS for your product hosted in an in-house DC.
  • My product is hosted in our own colocated DC.
  • The offline page I need is in AWS, so that an outage in my own DC won’t impact the offline page.

Steps to follow,

1. Get your own certificate for

2. Create an S3 bucket to host the static site and dump your content. Set its properties to act as a static web page. This will get your non-SSL site with S3’s own domain naming convention ready.

3. Create a CloudFront distribution with the S3 bucket you created as its origin, and configure it to use SSL with the certificate you created in Step 1. Access your CloudFront SSL URL and check that you can reach the offline page.


4. Create a vanity CNAME record that matches your SSL cert’s CN, pointing to the CloudFront endpoint.

exponentof:~ > host is an alias for has address has address has address has address has address has address has address has address
exponentof:~ >

5. You are technically done. The steps below are decorations.

6. Keep your CloudFront logs in the S3 bucket. Call the URL with extra parameters to find the actual source in detail.

7. Splunk your S3 logs for data analysis and set up CloudTrail monitoring.
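For step 6, an added example (not from the original post): a parser for CloudFront standard access logs that groups requests by a marker query parameter, so each caller of the offline page can be traced to its source. The parameter name `src`, its values and the sample log lines are assumptions constructed for illustration, and the sample is trimmed to a subset of the real log columns.

```python
from collections import defaultdict
from urllib.parse import parse_qs, unquote

# Constructed sample in the CloudFront standard-log layout (tab-separated rows,
# "#Fields:" header). Trimmed to a subset of the real columns; IPs are
# documentation ranges.
SAMPLE_LOG = "\n".join([
    "#Version: 1.0",
    "#Fields: date time x-edge-location c-ip cs-method cs-uri-stem sc-status cs(User-Agent) cs-uri-query",
    "2024-01-05\t10:00:01\tIAD89-C1\t192.0.2.10\tGET\t/index.html\t200\tcurl/8.4.0\tsrc=lb-healthcheck",
    "2024-01-05\t10:00:07\tFRA56-C2\t198.51.100.7\tGET\t/index.html\t200\tMozilla/5.0%20(X11)\tsrc=maintenance-redirect&ref=email",
    "2024-01-05\t10:00:09\tFRA56-C2\t203.0.113.44\tGET\t/index.html\t200\tMozilla/5.0%20(X11)\t-",
    "2024-01-05\t10:00:11\ttruncated-row",
])

MARKER = "src"  # hypothetical parameter name appended by each caller


def parse_log(text):
    """Yield one dict per request, using the column names from the #Fields header."""
    fields = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#") and fields:
            values = line.split("\t")
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))


def requests_by_marker(text, marker=MARKER):
    """Group (client IP, status, user agent) tuples by the marker's value."""
    grouped = defaultdict(list)
    for rec in parse_log(text):
        query = rec.get("cs-uri-query", "-")  # CloudFront logs "-" for an empty query
        tags = parse_qs(query).get(marker) if query != "-" else None
        tag = tags[0] if tags else "(untagged)"
        agent = unquote(rec["cs(User-Agent)"])  # field is URL-encoded in the log
        grouped[tag].append((rec["c-ip"], rec["sc-status"], agent))
    return dict(grouped)


if __name__ == "__main__":
    for tag, hits in requests_by_marker(SAMPLE_LOG).items():
        print(tag, hits)
```
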

(to be elaborated with screenshots later…)