Custom Domain Name - AWS

Create a CNAME DNS mapping

Before configuring your custom domain in AWS Cloud Front, you must create the CNAME record. This is an alias DNS record that maps your custom domain name with the actual endpoint. So for this example, our alias record will be awsexample.grinntec.net, which will map to the true record of {NAME}.cloudfront.net.

AWS Certificate Manager

We’re not using a PKI, so we’ll use the AWS Certificate Manager (ACM) to Request a Public Certificate. Enter the FQDN awsexample.grinntec.net. Use DNS validation. Leave the algorithm as RSA 2048. Your request will now be visible in the ACM console; it’ll have a status of Pending Validation, which means you need to create a DNS record in your custom DNS zone that AWS will query; this will prove you have administrative rights to the domain zone.

Use the values provided to create the validation CNAME record in your DNS zone. The ACM will trigger validation requests, and when it finds your record, the certificate request will move forwards. If validation has not passed within 72 hours, the request is rejected. The validation is automated and could take a few minutes; after creating the CNAME records, refresh the ACM console until validation has passed.

Custom Domain Name

Go to the Cloud Front distribution, and edit the settings. Under Alternate domain name (CNAME) add an item and input your CNAME value, so awsexample.grinntec.net. To be able to use a custom domain, Cloud Front requires an SSL certificate. So under Custom SSL certificate choose your new (validated) certificate should now be available to choose from the drop-down list. Select it, make sure your alternate domain name is valid, and click save.

The changes will be deployed, and then you can go to your website using your custom domain name on a valid HTTPS SSL certificate.

References

How do I use CloudFront to serve HTTPS requests for my Amazon S3 bucket?

Validating domain ownership

Troubleshoot DNS validation problems