Hands-on: Setup EC2 instance with Amazon CloudFront distribution, SSL and Route 53 custom domain

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello my name is Adam and I'm research consultant at stormy stormy is an AWS select Consulting partner can help you make the most of what AWS cloud has to offer today we will take a look at fairly simple AWS architecture with Amazon ec2 cloudfront CDN and Route 53 DNS together with certificate manager and how to create this architecture in AWS Management console here is our architecture diagram we have ec2 instance with our web application and dynamic content in this case WordPress website but it can be any type of web application that you want to share through cloudfront and Route 53 but it shouldn't be static because then we can use S3 bucket instead of ec2 instance and we already have a video about that on our channel so see it if you need it then we have a cloud home distribution and use our own domain name in Route 53 and we will need to create a certificate in AWS certificate manager so we can communicate with our users using https protocol the same will need to be created in our ec2 instance in WordPress in this example but if you use any other web application you will need to create that certificate on your site so we are in the AWS Management console and first thing I want to do is go to ec2 and let's see what I already have here so I'm going to my instances and I have one ec2 instance here for my as my web server for WordPress website if I open my public ipv4 up IP address as you can see it's very simple website for some travel tips it normally works with we have some blog here and everything so basically this is a dynamic website and we cannot share it to S3 bucket so I will go back to AWS Management console and we as a first thing we need to create a certificate for our SSL encryption so I will create a new certificate but as you can see right now I'm in a Frankfurt region and we will only need a certificate in node-wear Genia region it's because cloudfront doesn't work with any other region so I will go to not wear Genia region and request a certificate here okay and it will be for for my test domain if you are using your own you can just fill it in here and it will be also for my www.ca domain so like this and I will click on request and as you can see the status here right now is pending validation and it's because we have to validate this certificate by Route 53 so as you can see here I have this hosted zone for my test2022.cf already in Route 53 so I will go just there and let's see okay to hosted zones and as you can see I already have it here and we can use it so if you don't have your hosted Zone already in Route 53 you can create it by clicking here and it's basically a very simple process so it shouldn't take a long time I will go back to AWS certificate manager and click on create records here okay record and go back to my domain in Route 53 and the new cname records have been created and it shouldn't take long I think it could be done any second so I will just go back and as you can see it's issued and validated so we can use this certificate and we can use it in our ground cloud from distribution so I will go to cloudfront and create our first distribution and we will need a ec2 domain name so I will just go to ec2 open it in a new tab and we have to be in Europe Frankfurt region where I have my instance and I will copy the public ipv4 DNS you cannot use ipv4 this one you have to use the domain name so I will copy it here and just passed it here and we can use the HTTP only protocol for now it shouldn't be a problem and we can go to the viewer protocol policy we will select the direct HTTP to https and because because it's a dynamic web application we will use all HTTP methods here we can disable caging in the default we can then create another caging behavior for cloudfront so we will use sketching disable and all viewer here under original request policy and here we have to choose our certificate if you don't see your certificate here I think you have just created in a wrong region you have to create it in Old Virginia region I will just again write my domain name here for the C9 record and www dot same domain here and I'm going to create this distribution so I will click on create distribution I will go back to my distribution and it could take a little bit of time till it's deployed so I will wait and go back after couple of minutes our cloudform distribution is deployed so we can use it we can try to hit our domain name for cloudform distribution so I will open a new tab here and try to hit it and as you can see it's shown in a very strange way basically without GIS and CSS files that's because we are using the domain name of cloudform distribution and our certificate is for another domain and our connection is not fully secure so Roma will not open this website with every aspect so JS files and CSS files how to repair this we will create our route 52e records so for our real domain so I will go to root 53 and go to hosted Zone and my domain and I will create two records for www and without it so the first one will be just the simple event like this and I will choose my new distribution and click at the record and this one will be with www and again it will be for aliens record and my new distribution and I will click on create records so my new records are created I click click on view status and wait and our Route 53 records are in sync so we can try to hit our domain our real domain so this is one I will try it and as you can see it doesn't work as as it should that's because it's the same problem as for cloud run but here is a little bit different because our WordPress instance or your web application at this moment doesn't have a certificate for this domain name from we think that the last position in the architecture which is ec2 instance is node wallet and you will need to install certificate there I will do that myself on the warp WordPress using some plugins I will add some example documentation to the description of this video you can follow that yourself or if you use if you are using any other web application you will need to find the documentation for this I think if you add SSL or SSL certificate it will work fine for you too after couple of minutes I have been able to grade my SSL certificate on the ec2 instance so for my WordPress website I will just reload my website and as you can see everything is signed and ready the connection is secure so this was the manual for how to create architecture with Route 53 Cloud front and easy to website easy to web application I will go back to my presentation thank you for watching if you want to see more videos about AWS Services subscribe to our Channel and like this video or if you want to learn more about other services visit our website and blog links are in the description below and if you have any questions don't hesitate to contact us

Info

Channel: StormIT

Views: 14,370

Rating: undefined out of 5

Keywords: cloudfront ec2, cloudfront to ec2, cloudfront ec2 without load balancer, cloudfront with ec2, ec2 cloudfront, ec2 with cloudfront, ec2 cloudfront https, ec2 cloudfront route53, ec2 wordpress https, aws ec2 cloudfront acm, setup cloudfront with ec2, cloudfront origin ec2

Id: 0ZZY7GSY6uw

Channel Id: undefined

Length: 11min 3sec (663 seconds)

Published: Thu Dec 01 2022