Up until now my blog has been hosted on the Google Cloud Platform (GCP). At work I’m studying for the Amazon Web Services (AWS) Developer Associate Certificate, so I wanted some more hands-on experience with AWS. Solely for the sake of learning I have moved my blog from GCP to AWS.
On GCP I was running the following setup:
- Compute instance running Nginx serving the website
- SSL certificate issued by Let's Encrypt
- Photos stored on the Google Cloud Storage service
On AWS the setup for this supposedly simple static site is more complex, though I no longer need to maintain a server instance. I’m running:
- Two S3 buckets. One for the website, the other for my photos.
- A CloudFront distribution for each bucket.
- A Route53 hosted zone for each CloudFront distribution. All traffic to `isthisit.nz` and `www.isthisit.nz` goes to the website CloudFront distribution, all traffic to `static.isthisit.nz` goes to the photos distribution.
- A single SSL certificate registered through AWS Certificate Manager.
There is good documentation published by AWS on how you can set this up yourself. A couple of things I noted following this setup.
- Your domain name doesn’t have to be registered with AWS in order to use Route53. In Route53 just create a hosted zone for your domain, then in your domain’s nameserver settings enter the `NS` records for the Route53 addresses. More here.
- If your bucket name is `www.isthisit.nz` you can still serve requests to `isthisit.nz` through some Route53 and CloudFront black magic using `A` Alias Records.
- CloudFront wasn’t serving the `index.html` file by default in subdirectories. For example a GET request to `isthisit.nz` would return the root `index.html`, but a request to `isthisit.nz/aurora/` would return an S3 403 error rather than returning `aurora/index.html`. To fix this behaviour in the AWS Console navigate to the CloudFront distribution and under Origin and Origin Groups the Origin Domain Name and Path must be set to the S3 website URL (e.g. `www.isthisit.nz.s3-website-us-west-2.amazonaws.com/`), not the raw S3 URL (`www.isthisit.nz.s3.amazonaws.com`).
Deployment
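In my old setup the deployment script was a simple `rsync`. Here it isn’t much more complicated. It uploads the files to S3 and then invalidates the CloudFront cache so that changes are immediately reflected.

```bash
# Build the site into ./public
hugo
# Upload the build output; --acl public-read makes every object world-readable
cd public && aws s3 sync --acl public-read . s3://www.isthisit.nz
# Invalidate all cached paths so the changes show up immediately
aws cloudfront create-invalidation --distribution-id ABCDEF --paths '/*'
```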
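Because the sync applies `--acl public-read` to everything under `public/`, it is worth checking the build output before uploading. The wrapper below is an added example, not part of the original post: the function names `risky_files` and `deploy` and the pattern list are assumptions, while the bucket name and distribution id are the ones shown above.

```shell
#!/bin/sh
# Added example: pre-publish check for the deploy commands above.
# Everything under public/ is uploaded with --acl public-read, so refuse
# to publish if the build output holds files that must stay private.
# The pattern list is an assumption; adjust it to your own site.

# Print every path under $1 that matches a risky name, one per line.
risky_files() {
  find "$1" \( \
      -name '.git' -o -name '.env' -o -name '.DS_Store' \
      -o -name '*.pem' -o -name '*.key' -o -name '*.bak' \
      -o -name '*~' -o -name '*.swp' \
    \) -print | LC_ALL=C sort
}

# Build, check, then sync and invalidate as in the original script.
# BUCKET and DISTRIBUTION_ID default to the values shown in the post.
deploy() {
  deploy_bucket="${BUCKET:-www.isthisit.nz}"
  deploy_dist="${DISTRIBUTION_ID:-ABCDEF}"

  hugo || return 1
  if [ ! -f public/index.html ]; then
    echo "build produced no public/index.html" >&2
    return 1
  fi

  deploy_found="$(risky_files public)"
  if [ -n "$deploy_found" ]; then
    printf 'refusing to publish, remove these first:\n%s\n' "$deploy_found" >&2
    return 1
  fi

  aws s3 sync --acl public-read public "s3://$deploy_bucket" || return 1
  aws cloudfront create-invalidation \
    --distribution-id "$deploy_dist" --paths '/*'
}

# Only deploy when asked to explicitly, so the file can also be sourced.
if [ "${1:-}" = "--deploy" ]; then
  deploy
fi
```

Run it as `sh deploy.sh --deploy` from the Hugo project root (the file name is hypothetical); a non-zero exit means nothing was uploaded.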