# Static website tutorials The following tutorials or walkthroughs present complete procedures for how to create and configure an Amazon S3 general purpose bucket for static website hosting and hosting on-demand video streaming. The purpose of these tutorials is to provide general guidance. These tutorials are intended for a lab-type environment, and they use example bucket names, user names, and so on. They are not intended for direct use in a production environment without careful review and adaptation to meet the unique needs of your organization's environment. + [Hosting on-demand streaming video with Amazon S3, Amazon CloudFront, and Amazon Route 53](https://docs.aws.amazon.com/AmazonS3/latest/userguide/tutorial-s3-cloudfront-route53-video-streaming) – You can use Amazon S3 with Amazon CloudFront to host videos for on-demand viewing in a secure and scalable way. After your video is packaged into the right formats, you can store it on a server or in an S3 general purpose bucket, and then deliver it with CloudFront as viewers request it. In this tutorial, you will learn how to configure your general purpose bucket to host on-demand video streaming using CloudFront for delivery and Amazon Route 53 for Domain Name System (DNS) and custom domain management. CloudFront serves the video from its cache, retrieving it from your general purpose bucket only if it is not already cached. This caching management feature accelerates the delivery of your video to viewers globally with low latency, high throughput, and high transfer speeds. For more information about CloudFront caching management, see [Optimizing caching and availability](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ConfiguringCaching.html) in the *Amazon CloudFront Developer Guide*. + [Configuring a static website](https://docs.aws.amazon.com/AmazonS3/latest/userguide/HostingWebsiteOnS3Setup.html) – You can configure a general purpose bucket to function like a website. This tutorial walks you through the steps of hosting a website on Amazon S3 including creating a bucket, enabling static website hosting in the S3 console, creating an index document and creating an error document. For more information, see [Hosting a static website using Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/userguide/WebsiteHosting.html). + [Configuring a static website using a custom domain registered with Route 53](https://docs.aws.amazon.com/AmazonS3/latest/userguide/website-hosting-custom-domain-walkthrough.html) – You can create and configure a general purpose bucket to host a static website and create redirects on S3 for a website with a custom domain name that is registered with Amazon Route 53. You use Route 53 to register domains and to define where you want to route internet traffic for your domain. This tutorial shows how to create Route 53 alias records that routes traffic for your domain and subdomain to your general purpose bucket that contains an HTML file. For more information, see [Use your domain for a static website in an Amazon S3 bucket](https://docs.aws.amazon.com//Route53/latest/DeveloperGuide/getting-started-s3.html) in the *Amazon Route 53 Developer Guide*. After you complete this tutorial, you can optionally use CloudFront to improve the performance of your website. For more information, see [Speeding up your website with Amazon CloudFront](https://docs.aws.amazon.com/AmazonS3/latest/userguide/website-hosting-cloudfront-walkthrough.html). + [Deploying a static website to AWS Amplify Hosting from an S3 general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/website-hosting-amplify) – We recommend that you use [AWS Amplify Hosting](https://docs.aws.amazon.com//amplify/latest/userguide/welcome.html.html) to host static website content stored on S3. Amplify Hosting is a fully managed service that makes it easy to deploy your websites on a globally available content delivery network (CDN) powered by Amazon CloudFront, allowing secure static website hosting without extensive setup. With AWS Amplify Hosting, you can select the location of your objects within your general purpose bucket, deploy your content to a managed CDN, and generate a public HTTPS URL for your website to be accessible anywhere. For more information, see [Deploying a static website from S3 using the Amplify console](https://docs.aws.amazon.com//amplify/latest/userguide/deploy--from-amplify-console.html) in the *AWS Amplify Hosting User Guide*. # Tutorial: Hosting on-demand streaming video with Amazon S3, Amazon CloudFront, and Amazon Route 53 You can use Amazon S3 with Amazon CloudFront to host videos for on-demand viewing in a secure and scalable way. Video on demand (VOD) streaming means that your video content is stored on a server and viewers can watch it at any time. CloudFront is a fast, highly secure, and programmable content delivery network (CDN) service. CloudFront can deliver your content securely over HTTPS from all of the CloudFront edge locations around the globe. For more information about CloudFront, see [What is Amazon CloudFront?](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html) in the *Amazon CloudFront Developer Guide*. CloudFront caching reduces the number of requests that your origin server must respond to directly. When a viewer (end user) requests a video that you serve with CloudFront, the request is routed to a nearby edge location closer to where the viewer is located. CloudFront serves the video from its cache, retrieving it from the S3 bucket only if it is not already cached. This caching management feature accelerates the delivery of your video to viewers globally with low latency, high throughput, and high transfer speeds. For more information about CloudFront caching management, see [Optimizing caching and availability](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ConfiguringCaching.html) in the *Amazon CloudFront Developer Guide*. ![\[Diagram showing how the CloudFront caching mechanism works.\]](http://docs.aws.amazon.com/AmazonS3/latest/userguide/images/cf-example-image-global.png) **Objective** In this tutorial, you configure an S3 bucket to host on-demand video streaming using CloudFront for delivery and Amazon Route 53 for Domain Name System (DNS) and custom domain management. **Topics** + [ ## Prerequisites: Register and configure a custom domain with Route 53 ](#cf-s3-prerequisites) + [ ## Step 1: Create an S3 bucket ](#cf-s3-step1) + [ ## Step 2: Upload a video to the S3 bucket ](#cf-s3-step2) + [ ## Step 3: Create a CloudFront origin access identity ](#cf-s3-step3) + [ ## Step 4: Create a CloudFront distribution ](#cf-s3-step4) + [ ## Step 5: Access the video through the CloudFront distribution ](#cf-s3-step5) + [ ## Step 6: Configure your CloudFront distribution to use your custom domain name ](#cf-s3-step6) + [ ## Step 7: Access the S3 video through the CloudFront distribution with the custom domain name ](#cf-s3-step7) + [ ## (Optional) Step 8: View data about requests received by your CloudFront distribution ](#cf-s3-step8) + [ ## Step 9: Clean up ](#cf-s3-step9) + [ ## Next steps ](#cf-s3-next-steps) ## Prerequisites: Register and configure a custom domain with Route 53 Before you start this tutorial, you must register and configure a custom domain (for example, **example.com**) with Route 53 so that you can configure your CloudFront distribution to use a custom domain name later. Without a custom domain name, your S3 video is publicly accessible and hosted through CloudFront at a URL that looks similar to the following: ``` https://CloudFront distribution domain name/Path to an S3 video ``` For example, **https://d111111abcdef8.cloudfront.net/sample.mp4**. After you configure your CloudFront distribution to use a custom domain name configured with Route 53, your S3 video is publicly accessible and hosted through CloudFront at a URL that looks similar to the following: ``` https://CloudFront distribution alternate domain name/Path to an S3 video ``` For example, **https://www.example.com/sample.mp4**. A custom domain name is simpler and more intuitive for your viewers to use. **** To register a custom domain, see [Registering a new domain using Route 53](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html) in the *Amazon Route 53 Developer Guide*. When you register a domain name with Route 53, Route 53 creates the hosted zone for you, which you will use later in this tutorial. This hosted zone is where you store information about how to route traffic for your domain, for example, to an Amazon EC2 instance or a CloudFront distribution. There are fees associated with domain registration, your hosted zone, and DNS queries received by your domain. For more information, see [Amazon Route 53 Pricing](https://aws.amazon.com/route53/pricing/). **Note** When you register a domain, it costs money immediately and it's irreversible. You can choose not to auto-renew the domain, but you pay up front and own it for the year. For more information, see [Registering a new domain](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html) in the *Amazon Route 53 Developer Guide*. ## Step 1: Create an S3 bucket Create a bucket to store the original video that you plan to stream. **To create a bucket** 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the navigation bar on the top of the page, choose the name of the currently displayed AWS Region. Next, choose the Region in which you want to create a bucket. **Note** To minimize latency and costs and address regulatory requirements, choose a Region close to you. Objects stored in a Region never leave that Region unless you explicitly transfer them to another Region. For a list of Amazon S3 AWS Regions, see [AWS service endpoints](https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in the *Amazon Web Services General Reference*. 1. In the left navigation pane, choose **General purpose buckets**. 1. Choose **Create bucket**. The **Create bucket** page opens. 1. For **Bucket name**, enter a name for your bucket (for example, **tutorial-bucket**). For more information about naming buckets in Amazon S3, see [General purpose bucket naming rules](bucketnamingrules.md). 1. For **Region**, choose the AWS Region where you want the bucket to reside. If possible, you should pick the Region that is closest to the majority of your viewers. For more information about the bucket Region, see [General purpose buckets overview](UsingBucket.md). 1. For **Block Public Access settings for this bucket**, keep the default settings (**Block *all *public access** is enabled). Even with **Block *all* public access** enabled, viewers can still access the uploaded video through CloudFront. This feature is a major advantage of using CloudFront to host a video stored in S3. We recommend that you keep all settings enabled unless you need to turn off one or more of them for your use case. For more information about blocking public access, see [Blocking public access to your Amazon S3 storage](access-control-block-public-access.md). 1. For the remaining settings, keep the defaults. (Optional) If you want to configure additional bucket settings for your specific use case, see [Creating a general purpose bucket](create-bucket-overview.md). 1. Choose **Create bucket**. ## Step 2: Upload a video to the S3 bucket The following procedure describes how to upload a video file to an S3 bucket by using the console. If you're uploading many large video files to S3, you might want to use [Amazon S3 Transfer Acceleration](https://aws.amazon.com/s3/transfer-acceleration) to configure fast and secure file transfers. Transfer Acceleration can speed up video uploading to your S3 bucket for long-distance transfer of larger videos. For more information, see [Configuring fast, secure file transfers using Amazon S3 Transfer Acceleration](transfer-acceleration.md). **To upload a file to the bucket** 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **General purpose buckets**. 1. In the **General purpose buckets** list, choose the name of the bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**) to upload your file to. 1. On the **Objects** tab for your bucket, choose **Upload**. 1. On the **Upload** page, under **Files and folders**, choose **Add files**. 1. Choose a file to upload, and then choose **Open**. For example, you can upload a video file named `sample.mp4`. 1. Choose **Upload**. ## Step 3: Create a CloudFront origin access identity To restrict direct access to the video from your S3 bucket, create a special CloudFront user called an origin access identity (OAI). You will associate the OAI with your distribution later in this tutorial. By using an OAI, you make sure that viewers can't bypass CloudFront and get the video directly from the S3 bucket. Only the CloudFront OAI can access the file in the S3 bucket. For more information, see [Restrict access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide*. **Important** If the bucket that you're using to host your static website has been encrypted using server-side encryption with AWS Key Management Service (AWS KMS) keys (SSE-KMS), you must use origin access control (OAC) instead of origin access identity (OAI) to secure the origin. OAI doesn't support SSE-KMS, so you must use OAC instead. For more information about OAC, see [Restrict access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide*. **To create a CloudFront OAI** 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, under the **Security** section, choose **Origin access**. 1. Under the **Identities** tab, choose **Create origin access identity**. 1. Enter a name (for example, **S3-OAI**) for the new origin access identity. 1. Choose **Create**. ## Step 4: Create a CloudFront distribution To use CloudFront to serve and distribute the video in your S3 bucket, you must create a CloudFront distribution. **Topics** + [ ### Create a CloudFront distribution ](#cf-s3-step4-create-cloudfront) + [ ### Review the bucket policy ](#cf-s3-step4-review-bucket-policy) ### Create a CloudFront distribution 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, choose **Distributions**. 1. Choose **Create distribution**. 1. In the **Origin** section, for **Origin domain**, choose the domain name of your S3 origin, which starts with the name of the S3 bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. For **Origin access**, choose **Legacy access identities**. 1. Under **Origin access identity**, choose the origin access identity that you created in [Step 3](#cf-s3-step3) (for example, **S3-OAI**). 1. Under **Bucket policy**, choose **Yes, update the bucket policy**. 1. In the **Default cache behavior** section, under **Viewer protocol policy**, choose **Redirect HTTP to HTTPS**. When you choose this feature, HTTP requests are automatically redirected to HTTPS to secure your website and protect your viewers' data. 1. For the other settings in the **Default cache behaviors** section, keep the default values. (Optional) You can control how long your file stays in a CloudFront cache before CloudFront forwards another request to your origin. Reducing the duration allows you to serve dynamic content. Increasing the duration means that your viewers get better performance because your files are more likely to be served directly from the edge cache. A longer duration also reduces the load on your origin. For more information, see [Managing how long content stays in the cache (expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. 1. For the other sections, keep the remaining settings set to the defaults. For more information about the different settings options, see [Values That You Specify When You Create or Update a Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html) in the *Amazon CloudFront Developer Guide*. 1. At the bottom of the page, choose **Create distribution**. 1. On the **General** tab for your CloudFront distribution, under **Details**, the value of the **Last modified** column for your distribution changes from **Deploying** to the timestamp when the distribution was last modified. This process typically takes a few minutes. ### Review the bucket policy 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **Buckets**. 1. In the **Buckets** list, choose the name of the bucket that you used earlier as the origin of your CloudFront distribution (for example, **tutorial-bucket**). 1. Choose the **Permissions** tab. 1. In the **Bucket policy** section, confirm that you see a statement similar to the following in the bucket policy text: ``` { "Version": "2008-10-17", "Id": "PolicyForCloudFrontPrivateContent", "Statement": [ { "Sid": "1", "Effect": "Allow", "Principal": { "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity EH1HDMB1FH2TC" }, "Action": "s3:GetObject", "Resource": "arn:aws:s3:::tutorial-bucket/*" } ] } ``` This is the statement that your CloudFront distribution added to your bucket policy when you chose **Yes, update the bucket policy** earlier. This bucket policy update indicates that you successfully configured the CloudFront distribution to restrict access to the S3 bucket. Because of this restriction, objects in the bucket can be accessed only through your CloudFront distribution. ## Step 5: Access the video through the CloudFront distribution Now, CloudFront can serve the video stored in your S3 bucket. To access your video through CloudFront, you must combine your CloudFront distribution domain name with the path to the video in the S3 bucket. **To create a URL to the S3 video using the CloudFront distribution domain name** 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, choose **Distributions**. 1. To get the distribution domain name, do the following: 1. In the **Origins** column, find the correct CloudFront distribution by looking for its origin name, which starts with the S3 bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. After finding the distribution in the list, widen the **Domain name** column to copy the domain name value for your CloudFront distribution. 1. In a new browser tab, paste the distribution domain name that you copied. 1. Return to the previous browser tab, and open the S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **Buckets**. 1. In the **Buckets** list, choose the name of the bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. In the **Objects** list, choose the name of the video that you uploaded in [Step 2](#cf-s3-step2) (for example, `sample.mp4`). 1. On the object detail page, in the **Object overview** section, copy the value of the **Key**. This value is the path to the uploaded video object in the S3 bucket. 1. Return to the browser tab where you previously pasted the distribution domain name, enter a forward slash (**/**) after the distribution domain name, and then paste the path to the video that you copied earlier (for example, `sample.mp4`). Now, your S3 video is publicly accessible and hosted through CloudFront at a URL that looks similar to the following: ``` https://CloudFront distribution domain name/Path to the S3 video ``` Replace *CloudFront distribution domain name* and *Path to the S3 video* with the appropriate values. An example URL is **https://d111111abcdef8.cloudfront.net/sample.mp4**. ## Step 6: Configure your CloudFront distribution to use your custom domain name To use your own domain name instead of the CloudFront domain name in the URL to access the S3 video, add an alternate domain name to your CloudFront distribution. **Topics** + [ ### Request an SSL certificate ](#cf-s3-step6-create-SSL) + [ ### Add the alternate domain name to your CloudFront distribution ](#cf-s3-step6-custom-domain) + [ ### Create a DNS record to route traffic from your alternate domain name to your CloudFront distribution's domain name ](#cf-s3-step6-DNS-record) + [ ### Check whether IPv6 is enabled for your distribution and create another DNS record if needed ](#s3-step6-ipv6) ### Request an SSL certificate To allow your viewers to use HTTPS and your custom domain name in the URL for your video streaming, use AWS Certificate Manager (ACM) to request a Secure Sockets Layer (SSL) certificate. The SSL certificate establishes an encrypted network connection to the website. 1. Sign in to the AWS Management Console and open the ACM console at [https://console.aws.amazon.com/acm/](https://console.aws.amazon.com/acm/). 1. If the introductory page appears, under **Provision certificates**, choose **Get Started**. 1. On the **Request a certificate** page, choose **Request a public certificate**, and then choose **Request a certificate**. 1. On the **Add domain names** page, enter the fully qualified domain name (FQDN) of the site that you want to secure with an SSL/TLS certificate. You can use an asterisk (`*`) to request a wildcard certificate to protect several site names in the same domain. For this tutorial, enter **\$1** and the custom domain name that you configured in [Prerequisites](#cf-s3-prerequisites). For example, enter **\$1.example.com**, and then choose **Next**. For more information, see [To request an ACM public certificate (console)](https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html#request-public-console) in the *AWS Certificate Manager User Guide*. 1. On the **Select validation method** page, choose **DNS validation**. Then, choose **Next**. If you are able to edit your DNS configuration, we recommend that you use DNS domain validation rather than email validation. DNS validation has multiple benefits over email validation. For more information, see [Option 1: DNS validation](https://docs.aws.amazon.com/acm/latest/userguide/dns-validation.html) in the *AWS Certificate Manager User Guide*. 1. (Optional) On the **Add tags** page, tag your certificate with metadata. 1. Choose **Review**. 1. On the **Review** page, verify that the information under **Domain name** and **Validation method** are correct. Then, choose **Confirm and request**. The **Validation** page shows that your request is being processed and that the certificate domain is being validated. The certificate awaiting validation is in the **Pending validation** status. 1. On the **Validation** page, choose the down arrow to the left of your custom domain name, and then choose **Create record in Route 53** to validate your domain ownership through DNS. Doing this adds a CNAME record provided by AWS Certificate Manager to your DNS configuration. 1. In the **Create record in Route 53** dialog box, choose **Create**. The **Validation** page should display a status notification of **Success** at the bottom. 1. Choose **Continue** to view the **Certificates** list page. The **Status** for your new certificate changes from **Pending validation** to **Issued** within 30 minutes. ### Add the alternate domain name to your CloudFront distribution 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, choose **Distributions**. 1. Choose the ID for the distribution that you created in [Step 4](#cf-s3-step3). 1. On the **General** tab, go to the **Settings** section, and choose **Edit**. 1. On the **Edit settings** page, for **Alternate domain name (CNAME) - *optional***, choose **Add item** to add the custom domain names that you want to use in the URL for the S3 video served by this CloudFront distribution. In this tutorial, for example, if you want to route traffic for a subdomain, such as `www.example.com`, enter the subdomain name (`www`) with the domain name (`example.com`). Specifically, enter **www.example.com**. **Note** The alternate domain name (CNAME) that you add must be covered by the SSL certificate that you previously attached to your CloudFront distribution. 1. For **Custom SSL certificate - *optional***, choose the SSL certificate that you requested earlier (for example, **\$1.example.com**). **Note** If you don't see the SSL certificate immediately after you request it, wait 30 minutes, and then refresh the list until the SSL certificate is available for you to select. 1. Keep the remaining settings set to the defaults. Choose **Save changes**. 1. On the **General** tab for the distribution, wait for the value of **Last modified** to change from **Deploying** to the timestamp when the distribution was last modified. ### Create a DNS record to route traffic from your alternate domain name to your CloudFront distribution's domain name 1. Sign in to the AWS Management Console and open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). 1. In the left navigation pane, choose **Hosted zones**. 1. On the **Hosted zones** page, choose the name of the hosted zone that Route 53 created for you in [Prerequisites](#cf-s3-prerequisites) (for example, **example.com**). 1. Choose **Create record**, and then use the **Quick create record** method. 1. For **Record name**, keep the value for the record name the same as the alternate domain name of the CloudFront distribution that you added earlier. In this tutorial, to route traffic to a subdomain, such as `www.example.com`, enter the subdomain name without the domain name. For example, enter only **www** in the text field before your custom domain name. 1. For **Record type**, choose **A - Routes traffic to an IPv4 address and some AWS resources**. 1. For **Value**, choose the **Alias** toggle to enable the alias resource. 1. Under **Route traffic to**, choose **Alias to CloudFront distribution** from the dropdown list. 1. In the search box that says **Choose distribution**, choose the domain name of the CloudFront distribution that you created in [Step 4](#cf-s3-step4). To find the domain name of your CloudFront distribution, do the following: 1. In a new browser tab, sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v3/home](https://console.aws.amazon.com/cloudfront/v3/home). 1. In the left navigation pane, choose **Distributions**. 1. In the **Origins** column, find the correct CloudFront distribution by looking for its origin name, which starts with the S3 bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. After finding the distribution in the list, widen the **Domain name** column to see the domain name value for your CloudFront distribution. 1. On the **Create record** page in the Route 53 console, for the remaining settings, keep the defaults. 1. Choose **Create records**. ### Check whether IPv6 is enabled for your distribution and create another DNS record if needed If IPv6 is enabled for your distribution, you must create another DNS record. 1. To check whether IPv6 is enabled for your distribution, do the following: 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, choose **Distributions**. 1. Choose the ID of the CloudFront distribution that you created in [Step 4](#cf-s3-step4). 1. On the **General** tab, under **Settings**, check whether **IPv6** is set to **Enabled**. If IPv6 is enabled for your distribution, you must create another DNS record. 1. If IPv6 is enabled for your distribution, do the following to create a DNS record: 1. Sign in to the AWS Management Console and open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). 1. In the left navigation pane, choose **Hosted zones**. 1. On the **Hosted zones** page, choose the name of the hosted zone that Route 53 created for you in [Prerequisites](#cf-s3-prerequisites) (for example, **example.com**). 1. Choose **Create record**, and then use the **Quick create record** method. 1. For **Record name**, in the text field before your custom domain name, type the same value that you typed when you created the IPv4 DNS record earlier. For example, in this tutorial, to route traffic for the subdomain `www.example.com`, enter only **www**. 1. For **Record type**, choose **AAAA - Routes traffic to an IPv6 address and some AWS resources**. 1. For **Value**, choose the **Alias** toggle to enable the alias resource. 1. Under **Route traffic to**, choose **Alias to CloudFront distribution** from the dropdown list. 1. In the search box that says **Choose distribution**, choose the domain name of the CloudFront distribution that you created in [Step 4](#cf-s3-step4). 1. For the remaining settings, keep the defaults. 1. Choose **Create records**. ## Step 7: Access the S3 video through the CloudFront distribution with the custom domain name To access the S3 video using the custom URL, you must combine your alternate domain name with the path to the video in the S3 bucket. **To create a custom URL to access the S3 video through the CloudFront distribution** 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, choose **Distributions**. 1. To get the alternate domain name of your CloudFront distribution, do the following: 1. In the **Origins** column, find the correct CloudFront distribution by looking for its origin name, which starts with the S3 bucket name for the bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. After finding the distribution in the list, widen the **Alternate domain names** column to copy the value of the alternate domain name of your CloudFront distribution. 1. In a new browser tab, paste the alternate domain name of the CloudFront distribution. 1. Return to the previous browser tab, and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. Find the path to your S3 video, as explained in [Step 5](#cf-s3-step5). 1. Return to the browser tab where you previously pasted the alternate domain name, enter a forward slash (**/**), and then paste the path to your S3 video (for example, `sample.mp4`). Now, your S3 video is publicly accessible and hosted through CloudFront at a custom URL that looks similar to the following: ``` https://CloudFront distribution alternate domain name/Path to the S3 video ``` Replace *CloudFront distribution alternate domain name* and *Path to the S3 video* with the appropriate values. An example URL is **https://www.example.com/sample.mp4**. ## (Optional) Step 8: View data about requests received by your CloudFront distribution **To view data about requests received by your CloudFront distribution** 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, under **Reports & analytics**, choose the reports from the console, ranging from **Cache statistics**, **Popular Objects**, **Top Referrers**, **Usage**, and **Viewers**. You can filter each report dashboard. For more information, see [CloudFront Reports in the Console](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/reports.html) in the *Amazon CloudFront Developer Guide*. 1. To filter data, choose the ID of the CloudFront distribution that you created in [Step 4](#cf-s3-step4). ## Step 9: Clean up If you hosted an S3 streaming video using CloudFront and Route 53 only as a learning exercise, delete the AWS resources that you allocated so that you no longer accrue charges. **Note** When you register a domain, it costs money immediately and it's irreversible. You can choose not to auto-renew the domain, but you pay up front and own it for the year. For more information, see [Registering a new domain](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html) in the *Amazon Route 53 Developer Guide*. **Topics** + [ ### Delete the CloudFront distribution ](#cf-s3-step9-delete-cf) + [ ### Delete the DNS record ](#cf-s3-step9-delete-dns) + [ ### Delete the public hosted zone for your custom domain ](#cf-s3-step9-delete-hosted-zone) + [ ### Delete the custom domain name from Route 53 ](#cf-s3-step9-delete-domain) + [ ### Delete the original video in the S3 source bucket ](#cf-s3-step9-delete-video) + [ ### Delete the S3 source bucket ](#cf-s3-step9-delete-bucket) ### Delete the CloudFront distribution 1. Sign in to the AWS Management Console and open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. In the left navigation pane, choose **Distributions**. 1. In the **Origins** column, find the correct CloudFront distribution by looking for its origin name, which starts with the S3 bucket name for the bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. To delete the CloudFront distribution, you must disable it first. + If the value of the **Status** column is **Enabled** and the value of **Last modified** is the timestamp when the distribution was last modified, continue to disable the distribution before deleting it. + If the value of **Status** is **Enabled** and the value of **Last modified** is **Deploying**, wait until the value of **Status** changes to the timestamp when the distribution was last modified. Then continue to disable the distribution before deleting it. 1. To disable the CloudFront distribution, do the following: 1. In the **Distributions** list, select the check box next to the ID for the distribution that you want to delete. 1. To disable the distribution, choose **Disable**, and then choose **Disable** to confirm. If you disable a distribution that has an alternate domain name associated with it, CloudFront stops accepting traffic for that domain name (such as `www.example.com`), even if another distribution has an alternate domain name with a wildcard (`*`) that matches the same domain (such as `*.example.com`). 1. The value of **Status** immediately changes to **Disabled**. Wait until the value of **Last modified** changes from **Deploying** to the timestamp when the distribution was last modified. Because CloudFront must propagate this change to all edge locations, it might take a few minutes before the update is complete and the **Delete** option is available for you to delete the distribution. 1. To delete the disabled distribution, do the following: 1. Choose the check box next to the ID for the distribution that you want to delete. 1. Choose **Delete**, and then choose **Delete** to confirm. ### Delete the DNS record If you want to delete the public hosted zone for the domain (including the DNS record), see [Delete the public hosted zone for your custom domain](#cf-s3-step9-delete-hosted-zone) in the *Amazon Route 53 Developer Guide*. If you only want to delete the DNS record created in [Step 6](#cf-s3-step6), do the following: 1. Sign in to the AWS Management Console and open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). 1. In the left navigation pane, choose **Hosted zones**. 1. On the **Hosted zones** page, choose the name of the hosted zone that Route 53 created for you in [Prerequisites](#cf-s3-prerequisites) (for example, **example.com**). 1. In the list of records, select the check box next to the records that you want to delete (the records that you created in [Step 6](#cf-s3-step6)). **Note** You can't delete records that have a **Type** value of **NS** or **SOA**. 1. Choose **Delete records**. 1. To confirm the deletion, choose **Delete**. Changes to records take time to propagate to the Route 53 DNS servers. Currently, the only way to verify that your changes have propagated is to use the [GetChange API action](https://docs.aws.amazon.com/Route53/latest/APIReference/API_GetChange.html). Changes usually propagate to all Route 53 name servers within 60 seconds. ### Delete the public hosted zone for your custom domain **Warning** If you want to keep your domain registration but stop routing internet traffic to your website or web application, we recommend that you delete records in the hosted zone (as described in the prior section) instead of deleting the hosted zone. If you delete a hosted zone, someone else can use the domain and route traffic to their own resources using your domain name. In addition, if you delete a hosted zone, you can't undelete it. You must create a new hosted zone and update the name servers for your domain registration, which can take up to 48 hours to take effect. If you want to make the domain unavailable on the internet, you can first transfer your DNS service to a free DNS service and then delete the Route 53 hosted zone. This prevents future DNS queries from possibly being misrouted. If the domain is registered with Route 53, see [Adding or changing name servers and glue records for a domain](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-name-servers-glue-records.html) in the *Amazon Route 53 Developer Guide* for information about how to replace Route 53 name servers with name servers for the new DNS service. If the domain is registered with another registrar, use the method provided by the registrar to change name servers for the domain. If you're deleting a hosted zone for a subdomain (`www.example.com`), you don't need to change name servers for the domain (`example.com`). 1. Sign in to the AWS Management Console and open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). 1. In the left navigation pane, choose **Hosted zones**. 1. On the **Hosted zones** page, choose the name of the hosted zone that you want to delete. 1. On the **Records** tab for your hosted zone, confirm that the hosted zone that you want to delete contains only an **NS** and an **SOA** record. If it contains additional records, delete them first. If you created any NS records for subdomains in the hosted zone, delete those records too. 1. On the **DNSSEC signing** tab for your hosted zone, disable DNNSSEC signing if it was enabled. For more information, see [Disabling DNSSEC signing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-configuring-dnssec-disable.html) in the *Amazon Route 53 Developer Guide*. 1. At the top of the details page of the hosted zone, choose **Delete zone**. 1. To confirm the deletion, enter **delete**, and then choose **Delete**. ### Delete the custom domain name from Route 53 For most top-level domains (TLDs), you can delete the registration if you no longer want it. If you delete a domain name registration from Route 53 before the registration is scheduled to expire, AWS does not refund the registration fee. For more information, see [Deleting a domain name registration](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-delete.html) in the *Amazon Route 53 Developer Guide*. **Important** If you want to transfer the domain between AWS accounts or transfer the domain to another registrar, don't delete the domain and expect to immediately reregister it. Instead, see the applicable documentation in the *Amazon Route 53 Developer Guide*: [Transferring a domain to a different AWS account](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-transfer-between-aws-accounts.html) [Transferring a domain from Amazon Route 53 to another registrar](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-transfer-from-route-53.html) ### Delete the original video in the S3 source bucket 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **Buckets**. 1. In the **Bucket name** list, choose the name of the bucket that you uploaded the video to in [Step 2](#cf-s3-step2) (for example, **tutorial-bucket**). 1. On the **Objects** tab, select the check box next to the name of the object that you want to delete (for example, `sample.mp4`). 1. Choose **Delete**. 1. Under **Permanently delete objects?**, enter **permanently delete** to confirm that you want to delete this object. 1. Choose **Delete objects**. ### Delete the S3 source bucket 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **Buckets**. 1. In the **Buckets** list, select the option button next to the name of the bucket that you created in [Step 1](#cf-s3-step1) (for example, **tutorial-bucket**). 1. Choose **Delete**. 1. On the **Delete bucket** page, confirm that you want to delete the bucket by entering the bucket name in the text field, and then choose **Delete bucket**. ## Next steps After you complete this tutorial, you can further explore the following related use cases: + Transcode S3 videos into streaming formats needed by a particular television or connected device before hosting these videos with a CloudFront distribution. To use Amazon S3 Batch Operations, AWS Lambda and AWS Elemental MediaConvert to batch-transcode a collection of videos to a variety of output media formats, see [Tutorial: Batch-transcoding videos with S3 Batch Operations](tutorial-s3-batchops-lambda-mediaconvert-video.md). + Host other objects stored in S3, such as images, audio, motion graphics, style sheets, HTML, JavaScript, React apps, and so on, using CloudFront and Route 53. For example, see [Tutorial: Configuring a static website using a custom domain registered with Route 53](website-hosting-custom-domain-walkthrough.md) and [Speeding up your website with Amazon CloudFront](website-hosting-cloudfront-walkthrough.md). + Use [Amazon S3 Transfer Acceleration](https://aws.amazon.com/s3/transfer-acceleration) to configure fast and secure file transfers. Transfer Acceleration can speed up video uploading to your S3 bucket for long-distance transfer of larger videos. Transfer Acceleration improves transfer performance by routing traffic through the CloudFront globally distributed edge locations and over the AWS backbone networks. It also uses network protocol optimizations. For more information, see [Configuring fast, secure file transfers using Amazon S3 Transfer Acceleration](transfer-acceleration.md). # Tutorial: Configuring a static website on Amazon S3 **Important** Amazon S3 now applies server-side encryption with Amazon S3 managed keys (SSE-S3) as the base level of encryption for every bucket in Amazon S3. Starting January 5, 2023, all new object uploads to Amazon S3 are automatically encrypted at no additional cost and with no impact on performance. The automatic encryption status for S3 bucket default encryption configuration and for new object uploads is available in CloudTrail logs, S3 Inventory, S3 Storage Lens, the Amazon S3 console, and as an additional Amazon S3 API response header in the AWS CLI and AWS SDKs. For more information, see [Default encryption FAQ](https://docs.aws.amazon.com/AmazonS3/latest/userguide/default-encryption-faq.html). You can configure an Amazon S3 bucket to function like a website. This example walks you through the steps of hosting a website on Amazon S3. **Important** The following tutorial requires disabling Block Public Access. We recommend keeping Block Public Access enabled. If you want to keep all four Block Public Access settings enabled and host a static website, you can use Amazon CloudFront origin access control (OAC). Amazon CloudFront provides the capabilities required to set up a secure static website. Amazon S3 static websites support only HTTP endpoints. Amazon CloudFront uses the durable storage of Amazon S3 while providing additional security headers, such as HTTPS. HTTPS adds security by encrypting a normal HTTP request and protecting against common cyberattacks. For more information, see [Getting started with a secure static website](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/getting-started-secure-static-website-cloudformation-template.html) in the *Amazon CloudFront Developer Guide*. **Topics** + [ ## Step 1: Create a bucket ](#step1-create-bucket-config-as-website) + [ ## Step 2: Enable static website hosting ](#step2-create-bucket-config-as-website) + [ ## Step 3: Edit Block Public Access settings ](#step3-edit-block-public-access) + [ ## Step 4: Add a bucket policy that makes your bucket content publicly available ](#step4-add-bucket-policy-make-content-public) + [ ## Step 5: Configure an index document ](#step5-upload-index-doc) + [ ## Step 6: Configure an error document ](#step6-upload-error-doc) + [ ## Step 7: Test your website endpoint ](#step7-test-web-site) + [ ## Step 8: Clean up ](#getting-started-cleanup-s3-website-overview) ## Step 1: Create a bucket The following instructions provide an overview of how to create your buckets for website hosting. For detailed, step-by-step instructions on creating a bucket, see [Creating a general purpose bucket](create-bucket-overview.md). **To create a bucket** 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. Choose **Create bucket**. 1. Enter the **Bucket name** (for example, **example.com**). 1. Choose the Region where you want to create the bucket. Choose a Region that is geographically close to you to minimize latency and costs, or to address regulatory requirements. The Region that you choose determines your Amazon S3 website endpoint. For more information, see [Website endpoints](WebsiteEndpoints.md). 1. To accept the default settings and create the bucket, choose **Create**. ## Step 2: Enable static website hosting After you create a bucket, you can enable static website hosting for your bucket. You can create a new bucket or use an existing bucket. **To enable static website hosting** 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **General purpose buckets**. 1. In the buckets list, choose the name of the bucket that you want to enable static website hosting for. 1. Choose **Properties**. 1. Under **Static website hosting**, choose **Edit**. 1. Choose **Use this bucket to host a website**. 1. Under **Static website hosting**, choose **Enable**. 1. In **Index document**, enter the file name of the index document, typically `index.html`. The index document name is case sensitive and must exactly match the file name of the HTML index document that you plan to upload to your S3 bucket. When you configure a bucket for website hosting, you must specify an index document. Amazon S3 returns this index document when requests are made to the root domain or any of the subfolders. For more information, see [Configuring an index document](IndexDocumentSupport.md). 1. To provide your own custom error document for 4XX class errors, in **Error document**, enter the custom error document file name. The error document name is case sensitive and must exactly match the file name of the HTML error document that you plan to upload to your S3 bucket. If you don't specify a custom error document and an error occurs, Amazon S3 returns a default HTML error document. For more information, see [Configuring a custom error document](CustomErrorDocSupport.md). 1. (Optional) If you want to specify advanced redirection rules, in **Redirection rules**, enter JSON to describe the rules. For example, you can conditionally route requests according to specific object key names or prefixes in the request. For more information, see [Configure redirection rules to use advanced conditional redirects](how-to-page-redirect.md#advanced-conditional-redirects). 1. Choose **Save changes**. Amazon S3 enables static website hosting for your bucket. At the bottom of the page, under **Static website hosting**, you see the website endpoint for your bucket. 1. Under **Static website hosting**, note the **Endpoint**. The **Endpoint** is the Amazon S3 website endpoint for your bucket. After you finish configuring your bucket as a static website, you can use this endpoint to test your website. ## Step 3: Edit Block Public Access settings By default, Amazon S3 blocks public access to your account and buckets. If you want to use a bucket to host a static website, you can use these steps to edit your block public access settings. **Warning** Before you complete these steps, review [Blocking public access to your Amazon S3 storage](access-control-block-public-access.md) to ensure that you understand and accept the risks involved with allowing public access. When you turn off block public access settings to make your bucket public, anyone on the internet can access your bucket. We recommend that you block all public access to your buckets. 1. Open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. Choose the name of the bucket that you have configured as a static website. 1. Choose **Permissions**. 1. Under **Block public access (bucket settings)**, choose **Edit**. 1. Clear **Block *all* public access**, and choose **Save changes**. ![\[The Amazon S3 console, showing the block public access bucket settings.\]](http://docs.aws.amazon.com/AmazonS3/latest/userguide/images/edit-public-access-clear.png) Amazon S3 turns off the Block Public Access settings for your bucket. To create a public static website, you might also have to [edit the Block Public Access settings](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/block-public-access-account.html) for your account before adding a bucket policy. If the Block Public Access settings for your account are currently turned on, you see a note under **Block public access (bucket settings)**. ## Step 4: Add a bucket policy that makes your bucket content publicly available After you edit S3 Block Public Access settings, you can add a bucket policy to grant public read access to your bucket. When you grant public read access, anyone on the internet can access your bucket. **Important** The following policy is an example only and allows full access to the contents of your bucket. Before you proceed with this step, review [How can I secure the files in my Amazon S3 bucket?](https://aws.amazon.com/premiumsupport/knowledge-center/secure-s3-resources/) to ensure that you understand the best practices for securing the files in your S3 bucket and risks involved in granting public access. 1. Under **Buckets**, choose the name of your bucket. 1. Choose **Permissions**. 1. Under **Bucket Policy**, choose **Edit**. 1. To grant public read access for your website, copy the following bucket policy, and paste it in the **Bucket policy editor**. ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::Bucket-Name/*" ] } ] } ``` 1. Update the `Resource` to your bucket name. In the preceding example bucket policy, *Bucket-Name* is a placeholder for the bucket name. To use this bucket policy with your own bucket, you must update this name to match your bucket name. 1. Choose **Save changes**. A message appears indicating that the bucket policy has been successfully added. If you see an error that says `Policy has invalid resource`, confirm that the bucket name in the bucket policy matches your bucket name. For information about adding a bucket policy, see [How do I add an S3 bucket policy?](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html) If you get an error message and cannot save the bucket policy, check your account and bucket Block Public Access settings to confirm that you allow public access to the bucket. ## Step 5: Configure an index document When you enable static website hosting for your bucket, you enter the name of the index document (for example, **index.html**). After you enable static website hosting for the bucket, you upload an HTML file with this index document name to your bucket. **To configure the index document** 1. Create an `index.html` file. If you don't have an `index.html` file, you can use the following HTML to create one: ``` My Website Home Page

Welcome to my website

Now hosted on Amazon S3!

Welcome to my website

Now hosted on Amazon S3!

``` 1. Save the index file locally. The index document file name must exactly match the index document name that you enter in the **Static website hosting** dialog box. The index document name is case sensitive. For example, if you enter `index.html` for the **Index document** name in the **Static website hosting** dialog box, your index document file name must also be `index.html` and not `Index.html`. 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **General purpose buckets**. 1. In the buckets list, choose the name of the bucket that you want to use to host a static website. 1. Enable static website hosting for your bucket, and enter the exact name of your index document (for example, `index.html`). For more information, see [Enabling website hosting](EnableWebsiteHosting.md). After enabling static website hosting, proceed to step 6. 1. To upload the index document to your bucket, do one of the following: + Drag and drop the index file into the console bucket listing. + Choose **Upload**, and follow the prompts to choose and upload the index file. For step-by-step instructions, see [Uploading objects](upload-objects.md). 1. (Optional) Upload other website content to your bucket. ## Step 7: Upload an error document When you enable static website hosting for your bucket, you enter the name of the error document (for example, **404.html**). After you enable static website hosting for the bucket, you upload an HTML file with this error document name to your bucket. **To configure an error document** 1. Create an error document, for example `404.html`. 1. Save the error document file locally. The error document name is case sensitive and must exactly match the name that you enter when you enable static website hosting. For example, if you enter `404.html` for the **Error document** name in the **Static website hosting** dialog box, your error document file name must also be `404.html`. 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **General purpose buckets**. 1. In the buckets list, choose the name of the bucket that you want to use to host a static website. 1. Enable static website hosting for your bucket, and enter the exact name of your error document (for example, `404.html`). For more information, see [Enabling website hosting](EnableWebsiteHosting.md) and [Configuring a custom error document](CustomErrorDocSupport.md). After enabling static website hosting, proceed to step 6. 1. To upload the error document to your bucket, do one of the following: + Drag and drop the error document file into the console bucket listing. + Choose **Upload**, and follow the prompts to choose and upload the index file. For step-by-step instructions, see [Uploading objects](upload-objects.md). ## Step 8: Edit S3 Block Public Access settings In this example, you edit block public access settings for the domain bucket (`example.com`) to allow public access. By default, Amazon S3 blocks public access to your account and buckets. If you want to use a bucket to host a static website, you can use these steps to edit your block public access settings. **Warning** Before you complete these steps, review [Blocking public access to your Amazon S3 storage](access-control-block-public-access.md) to ensure that you understand and accept the risks involved with allowing public access. When you turn off block public access settings to make your bucket public, anyone on the internet can access your bucket. We recommend that you block all public access to your buckets. 1. Open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. Choose the name of the bucket that you have configured as a static website. 1. Choose **Permissions**. 1. Under **Block public access (bucket settings)**, choose **Edit**. 1. Clear **Block *all* public access**, and choose **Save changes**. ![\[The Amazon S3 console, showing the block public access bucket settings.\]](http://docs.aws.amazon.com/AmazonS3/latest/userguide/images/edit-public-access-clear.png) Amazon S3 turns off the Block Public Access settings for your bucket. To create a public static website, you might also have to [edit the Block Public Access settings](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/block-public-access-account.html) for your account before adding a bucket policy. If the Block Public Access settings for your account are currently turned on, you see a note under **Block public access (bucket settings)**. ## Step 9: Attach a bucket policy In this example, you attach a bucket policy to the domain bucket (`example.com`) to allow public read access. You replace the *Bucket-Name* in the example bucket policy with the name of your domain bucket, for example `example.com`. After you edit S3 Block Public Access settings, you can add a bucket policy to grant public read access to your bucket. When you grant public read access, anyone on the internet can access your bucket. **Important** The following policy is an example only and allows full access to the contents of your bucket. Before you proceed with this step, review [How can I secure the files in my Amazon S3 bucket?](https://aws.amazon.com/premiumsupport/knowledge-center/secure-s3-resources/) to ensure that you understand the best practices for securing the files in your S3 bucket and risks involved in granting public access. 1. Under **Buckets**, choose the name of your bucket. 1. Choose **Permissions**. 1. Under **Bucket Policy**, choose **Edit**. 1. To grant public read access for your website, copy the following bucket policy, and paste it in the **Bucket policy editor**. ``` { "Version": "2012-10-17", "Statement": [ { "Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*", "Action": [ "s3:GetObject" ], "Resource": [ "arn:aws:s3:::Bucket-Name/*" ] } ] } ``` 1. Update the `Resource` to your bucket name. In the preceding example bucket policy, *Bucket-Name* is a placeholder for the bucket name. To use this bucket policy with your own bucket, you must update this name to match your bucket name. 1. Choose **Save changes**. A message appears indicating that the bucket policy has been successfully added. If you see an error that says `Policy has invalid resource`, confirm that the bucket name in the bucket policy matches your bucket name. For information about adding a bucket policy, see [How do I add an S3 bucket policy?](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/add-bucket-policy.html) If you get an error message and cannot save the bucket policy, check your account and bucket Block Public Access settings to confirm that you allow public access to the bucket. In the next step, you can figure out your website endpoints and test your domain endpoint. ## Step 10: Test your domain endpoint After you configure your domain bucket to host a public website, you can test your endpoint. For more information, see [Website endpoints](WebsiteEndpoints.md). You can only test the endpoint for your domain bucket because your subdomain bucket is set up for website redirect and not static website hosting. **Note** Amazon S3 does not support HTTPS access to the website. If you want to use HTTPS, you can use Amazon CloudFront to serve a static website hosted on Amazon S3. For more information, see [How do I use CloudFront to serve a static website hosted on Amazon S3?](https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-serve-static-website/) and [Requiring HTTPS for communication between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html). 1. Under **Buckets**, choose the name of your bucket. 1. Choose **Properties**. 1. At the bottom of the page, under **Static website hosting**, choose your **Bucket website endpoint**. Your index document opens in a separate browser window. In the next step, you use Amazon Route 53 to enable customers to use both of your custom URLs to navigate to your site. ## Step 11: Add alias records for your domain and subdomain In this step, you create the alias records that you add to the hosted zone for your domain maps `example.com` and `www.example.com`. Instead of using IP addresses, the alias records use the Amazon S3 website endpoints. Amazon Route 53 maintains a mapping between the alias records and the IP addresses where the Amazon S3 buckets reside. You create two alias records, one for your root domain and one for your subdomain. ### Add an alias record for your root domain and subdomain **To add an alias record for your root domain (`example.com`)** 1. Open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). **Note** If you don't already use Route 53, see [Step 1: Register a domain](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html#getting-started-find-domain-name) in the *Amazon Route 53 Developer Guide*. After completing your setup, you can resume the instructions. 1. Choose **Hosted zones**. 1. In the list of hosted zones, choose the name of the hosted zone that matches your domain name. 1. Choose **Create record**. 1. Choose **Switch to wizard**. **Note** If you want to use quick create to create your alias records, see [Configuring Route 53 to route traffic to an S3 Bucket](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/RoutingToS3Bucket.html#routing-to-s3-bucket-configuring). 1. Choose **Simple routing**, and choose **Next**. 1. Choose **Define simple record**. 1. In **Record name**, accept the default value, which is the name of your hosted zone and your domain. 1. In **Value/Route traffic to**, choose **Alias to S3 website endpoint**. 1. Choose the Region. 1. Choose the S3 bucket. The bucket name should match the name that appears in the **Name** box. In the **Choose S3 bucket** list, the bucket name appears with the Amazon S3 website endpoint for the Region where the bucket was created, for example, `s3-website-us-west-1.amazonaws.com (example.com)`. **Choose S3 bucket** lists a bucket if: + You configured the bucket as a static website. + The bucket name is the same as the name of the record that you're creating. + The current AWS account created the bucket. If your bucket does not appear in the **Choose S3 bucket** list, enter the Amazon S3 website endpoint for the Region where the bucket was created, for example, **s3-website-us-west-2.amazonaws.com**. For a complete list of Amazon S3 website endpoints, see [Amazon S3 Website endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints). For more information about the alias target, see [Value/route traffic to](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-alias.html#rrsets-values-alias-alias-target) in the *Amazon Route 53 Developer Guide*. 1. In **Record type**, choose **A ‐ Routes traffic to an IPv4 address and some AWS resources**. 1. For **Evaluate target health**, choose **No**. 1. Choose **Define simple record**. **To add an alias record for your subdomain (`www.example.com`)** 1. Under **Configure records**, choose **Define simple record**. 1. In **Record name** for your subdomain, type `www`. 1. In **Value/Route traffic to**, choose **Alias to S3 website endpoint**. 1. Choose the Region. 1. Choose the S3 bucket, for example, `s3-website-us-west-2.amazonaws.com (www.example.com)`. If your bucket does not appear in the **Choose S3 bucket** list, enter the Amazon S3 website endpoint for the Region where the bucket was created, for example, **s3-website-us-west-2.amazonaws.com**. For a complete list of Amazon S3 website endpoints, see [Amazon S3 Website endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints). For more information about the alias target, see [Value/route traffic to](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-alias.html#rrsets-values-alias-alias-target) in the *Amazon Route 53 Developer Guide*. 1. In **Record type**, choose **A ‐ Routes traffic to an IPv4 address and some AWS resources**. 1. For **Evaluate target health**, choose **No**. 1. Choose **Define simple record**. 1. On the **Configure records** page, choose **Create records**. **Note** Changes generally propagate to all Route 53 servers within 60 seconds. When propagation is done, you can route traffic to your Amazon S3 bucket by using the names of the alias records that you created in this procedure. ### Add an alias record for your root domain and subdomain (old Route 53 console) **To add an alias record for your root domain (`example.com`)** The Route 53 console has been redesigned. In the Route 53 console you can temporarily use the old console. If you choose to work with the old Route 53 console, use the procedure below. 1. Open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). **Note** If you don't already use Route 53, see [Step 1: Register a domain](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html#getting-started-find-domain-name) in the *Amazon Route 53 Developer Guide*. After completing your setup, you can resume the instructions. 1. Choose **Hosted Zones**. 1. In the list of hosted zones, choose the name of the hosted zone that matches your domain name. 1. Choose **Create Record Set**. 1. Specify the following values: **Name** Accept the default value, which is the name of your hosted zone and your domain. For the root domain, you don't need to enter any additional information in the **Name** field. **Type** Choose **A – IPv4 address**. **Alias** Choose **Yes**. **Alias Target** In the **S3 website endpoints** section of the list, choose your bucket name. The bucket name should match the name that appears in the **Name** box. In the **Alias Target** listing, the bucket name is followed by the Amazon S3 website endpoint for the Region where the bucket was created, for example `example.com (s3-website-us-west-2.amazonaws.com)`. **Alias Target** lists a bucket if: + You configured the bucket as a static website. + The bucket name is the same as the name of the record that you're creating. + The current AWS account created the bucket. If your bucket does not appear in the **Alias Target** listing, enter the Amazon S3 website endpoint for the Region where the bucket was created, for example, `s3-website-us-west-2`. For a complete list of Amazon S3 website endpoints, see [Amazon S3 Website endpoints](https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints). For more information about the alias target, see [Value/route traffic to](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/resource-record-sets-values-alias.html#rrsets-values-alias-alias-target) in the *Amazon Route 53 Developer Guide*. **Routing Policy** Accept the default value of **Simple**. **Evaluate Target Health** Accept the default value of **No**. 1. Choose **Create**. **To add an alias record for your subdomain (`www.example.com`)** 1. In the hosted zone for your root domain (`example.com`), choose **Create Record Set**. 1. Specify the following values: **Name** For the subdomain, enter `www` in the box. **Type** Choose **A – IPv4 address**. **Alias** Choose **Yes**. **Alias Target** In the **S3 website endpoints** section of the list, choose the same bucket name that appears in the **Name** field—for example, `www.example.com (s3-website-us-west-2.amazonaws.com)`. **Routing Policy** Accept the default value of **Simple**. **Evaluate Target Health** Accept the default value of **No**. 1. Choose **Create**. **Note** Changes generally propagate to all Route 53 servers within 60 seconds. When propagation is done, you can route traffic to your Amazon S3 bucket by using the names of the alias records that you created in this procedure. ## Step 12: Test the website Verify that the website and the redirect work correctly. In your browser, enter your URLs. In this example, you can try the following URLs: + **Domain** (`http://example.com`) – Displays the index document in the `example.com` bucket. + **Subdomain** (`http://www.example.com`) – Redirects your request to `http://example.com`. You see the index document in the `example.com` bucket. If your website or redirect links don't work, you can try the following: + **Clear cache** – Clear the cache of your web browser. + **Check name servers** – If your web page and redirect links don't work after you've cleared your cache, you can compare the name servers for your domain and the name servers for your hosted zone. If the name servers don't match, you might need to update your domain name servers to match those listed under your hosted zone. For more information, see [Adding or changing name servers and glue records for a domain](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-name-servers-glue-records.html). After you've successfully tested your root domain and subdomain, you can set up an [Amazon CloudFront](http://aws.amazon.com/cloudfront) distribution to improve the performance of your website and provide logs that you can use to review website traffic. For more information, see [Speeding up your website with Amazon CloudFront](website-hosting-cloudfront-walkthrough.md). # Speeding up your website with Amazon CloudFront You can use [Amazon CloudFront](http://aws.amazon.com/cloudfront) to improve the performance of your Amazon S3 website. CloudFront makes your website files (such as HTML, images, and video) available from data centers around the world (known as *edge locations*). When a visitor requests a file from your website, CloudFront automatically redirects the request to a copy of the file at the nearest edge location. This results in faster download times than if the visitor had requested the content from a data center that is located farther away. CloudFront caches content at edge locations for a period of time that you specify. If a visitor requests content that has been cached for longer than the expiration date, CloudFront checks the origin server to see if a newer version of the content is available. If a newer version is available, CloudFront copies the new version to the edge location. Changes that you make to the original content are replicated to edge locations as visitors request the content. **Using CloudFront without Route 53** The tutorial on this page uses Route 53 to point to your CloudFront distribution. However, if you want to serve content hosted in an Amazon S3 bucket using CloudFront without using Route 53, see [Amazon CloudFront Tutorials: Setting up a Dynamic Content Distribution for Amazon S3](https://aws.amazon.com/cloudfront/getting-started/S3/). When you serve content hosted in an Amazon S3 bucket using CloudFront, you can use any bucket name, and both HTTP and HTTPS are supported. **Automating set up with an CloudFormation template** For more information about using an CloudFormation template to configure a secure static website that creates a CloudFront distribution to serve your website, see [Getting started with a secure static website](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/getting-started-secure-static-website-cloudformation-template.html) in the *Amazon CloudFront Developer Guide*. **Topics** + [ ## Step 1: Create a CloudFront distribution ](#create-distribution) + [ ## Step 2: Update the record sets for your domain and subdomain ](#update-record-sets) + [ ## (Optional) Step 3: Check the log files ](#check-log-files) ## Step 1: Create a CloudFront distribution First, you create a CloudFront distribution. This makes your website available from data centers around the world. **To create a distribution with an Amazon S3 origin** 1. Open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. Choose **Create Distribution**. 1. On the **Create Distribution** page, in the **Origin Settings** section, for **Origin Domain Name**, enter the Amazon S3 website endpoint for your bucket—for example, **example.com.s3-website.us-west-1.amazonaws.com**. CloudFront fills in the **Origin ID** for you. 1. For **Default Cache Behavior Settings**, keep the values set to the defaults. With the default settings for **Viewer Protocol Policy**, you can use HTTPS for your static website. For more information these configuration options, see [Values that You Specify When You Create or Update a Web Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/WorkingWithDownloadDistributions.html#DownloadDistValuesYouSpecify) in the *Amazon CloudFront Developer Guide*. 1. For **Distribution Settings**, do the following: 1. Leave **Price Class** set to **Use All Edge Locations (Best Performance)**. 1. Set **Alternate Domain Names (CNAMEs)** to the root domain and `www` subdomain. In this tutorial, these are `example.com` and `www.example.com`. **Important** Before you perform this step, note the [requirements for using alternate domain names](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements), in particular the need for a valid SSL/TLS certificate. 1. For **SSL Certificate**, choose **Custom SSL Certificate (example.com)**, and choose the custom certificate that covers the domain and subdomain names. For more information, see [SSL Certificate](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesSSLCertificate) in the *Amazon CloudFront Developer Guide*. 1. In **Default Root Object**, enter the name of your index document, for example, `index.html`. If the URL used to access the distribution doesn't contain a file name, the CloudFront distribution returns the index document. The **Default Root Object** should exactly match the name of the index document for your static website. For more information, see [Configuring an index document](IndexDocumentSupport.md). 1. Set **Logging** to **On**. **Important** When you create or update a distribution and enable CloudFront logging, CloudFront updates the bucket access control list (ACL) to give the `awslogsdelivery` account `FULL_CONTROL` permissions to write logs to your bucket. For more information, see [Permissions required to configure standard logging and to access your log files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html#AccessLogsBucketAndFileOwnership) in the *Amazon CloudFront Developer Guide*. If the bucket that stores the logs uses the Bucket owner enforced setting for S3 Object Ownership to disable ACLs, CloudFront cannot write logs to the bucket. For more information, see [Controlling ownership of objects and disabling ACLs for your bucket](about-object-ownership.md). 1. For **Bucket for Logs**, choose the logging bucket that you created. For more information about configuring a logging bucket, see [(Optional) Logging web traffic](LoggingWebsiteTraffic.md). 1. If you want to store the logs that are generated by traffic to the CloudFront distribution in a folder, in **Log Prefix**, enter the folder name. 1. Keep all other settings at their default values. 1. Choose **Create Distribution**. 1. To see the status of the distribution, find the distribution in the console and check the **Status** column. A status of `InProgress` indicates that the distribution is not yet fully deployed. After your distribution is deployed, you can reference your content with the new CloudFront domain name. 1. Record the value of **Domain Name** shown in the CloudFront console, for example, `dj4p1rv6mvubz.cloudfront.net`. 1. To verify that your CloudFront distribution is working, enter the domain name of the distribution in a web browser. If your website is visible, the CloudFront distribution works. If your website has a custom domain registered with Amazon Route 53, you will need the CloudFront domain name to update the record set in the next step. ## Step 2: Update the record sets for your domain and subdomain Now that you have successfully created a CloudFront distribution, update the alias record in Route 53 to point to the new CloudFront distribution. **To update the alias record to point to a CloudFront distribution** 1. Open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). 1. In the left navigation, choose **Hosted zones**. 1. On the **Hosted Zones** page, choose the hosted zone that you created for your subdomain, for example, `www.example.com`. 1. Under **Records**, select the *A* record that you created for your subdomain. 1. Under **Record details**, choose **Edit record**. 1. Under **Route traffic to**, choose **Alias to CloudFront distribution**. 1. Under **Choose distribution**, choose the CloudFront distribution. 1. Choose **Save**. 1. To redirect the *A* record for the root domain to the CloudFront distribution, repeat this procedure for the root domain, for example, `example.com`. The update to the record sets takes effect within 2–48 hours. 1. To see whether the new *A* records have taken effect, in a web browser, enter your subdomain URL, for example, `http://www.example.com`. If the browser no longer redirects you to the root domain (for example, `http://example.com`), the new A records are in place. When the new *A* record has taken effect, traffic routed by the new *A* record to the CloudFront distribution is not redirected to the root domain. Any visitors who reference the site by using `http://example.com` or `http://www.example.com` are redirected to the nearest CloudFront edge location, where they benefit from faster download times. **Tip** Browsers can cache redirect settings. If you think the new *A* record settings should have taken effect, but your browser still redirects `http://www.example.com` to `http://example.com`, try clearing your browser history and cache, closing and reopening your browser application, or using a different web browser. ## (Optional) Step 3: Check the log files The access logs tell you how many people are visiting the website. They also contain valuable business data that you can analyze with other services, such as [Amazon EMR](https://docs.aws.amazon.com/emr/latest/DeveloperGuide/). CloudFront logs are stored in the bucket and folder that you choose when you create a CloudFront distribution and enable logging. CloudFront writes logs to your log bucket within 24 hours from when the corresponding requests are made. **To see the log files for your website** 1. Open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. Choose the name of the logging bucket for your website. 1. Choose the CloudFront logs folder. 1. Download the `.gzip` files written by CloudFront before opening them. If you created your website only as a learning exercise, you can delete the resources that you allocated so that you no longer accrue charges. To do so, see [Cleaning up your example resources](getting-started-cleanup.md). After you delete your AWS resources, your website is no longer available. # Cleaning up your example resources If you created your static website as a learning exercise, you should delete the AWS resources that you allocated so that you no longer accrue charges. After you delete your AWS resources, your website is no longer available. **Topics** + [ ## Step 1: Delete the Amazon CloudFront distribution ](#getting-started-cleanup-cloudfront) + [ ## Step 2: Delete the Route 53 hosted zone ](#getting-started-cleanup-route53) + [ ## Step 3: Disable logging and delete your S3 bucket ](#getting-started-cleanup-s3) ## Step 1: Delete the Amazon CloudFront distribution Before you delete an Amazon CloudFront distribution, you must disable it. A disabled distribution is no longer functional and does not accrue charges. You can enable a disabled distribution at any time. After you delete a disabled distribution, it is no longer available. **To disable and delete a CloudFront distribution** 1. Open the CloudFront console at [https://console.aws.amazon.com/cloudfront/v4/home](https://console.aws.amazon.com/cloudfront/v4/home). 1. Select the distribution that you want to disable, and then choose **Disable**. 1. When prompted for confirmation, choose **Yes, Disable**. 1. Select the disabled distribution, and then choose **Delete**. 1. When prompted for confirmation, choose **Yes, Delete**. ## Step 2: Delete the Route 53 hosted zone Before you delete the hosted zone, you must delete the record sets that you created. You don't need to delete the NS and SOA records; these are automatically deleted when you delete the hosted zone. **To delete the record sets** 1. Open the Route 53 console at [https://console.aws.amazon.com/route53/](https://console.aws.amazon.com/route53/). 1. In the list of domain names, select your domain name, and then choose **Go to Record Sets**. 1. In the list of record sets, select the *A* records that you created. The type of each record set is listed in the **Type** column. 1. Choose **Delete Record Set**. 1. When prompted for confirmation, choose **Confirm**. **To delete a Route 53 hosted zone** 1. Continuing from the previous procedure, choose **Back to Hosted Zones**. 1. Select your domain name, and then choose **Delete Hosted Zone**. 1. When prompted for confirmation, choose **Confirm**. ## Step 3: Disable logging and delete your S3 bucket Before you delete your S3 bucket, make sure that logging is disabled for the bucket. Otherwise, AWS continues to write logs to your bucket as you delete it. **To disable logging for a bucket** 1. Open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. Under **Buckets**, choose your bucket name, and then choose **Properties**. 1. From **Properties**, choose **Logging**. 1. Clear the **Enabled** check box. 1. Choose **Save**. Now, you can delete your bucket. For more information, see [Deleting a general purpose bucket](delete-bucket.md). # Deploying a static website to AWS Amplify Hosting from an S3 general purpose bucket We recommend that you use [AWS Amplify Hosting](https://docs.aws.amazon.com//amplify/latest/userguide/welcome.html.html) to host static website content stored on S3. Amplify Hosting is a fully managed service that makes it easy to deploy your websites on a globally available content delivery network (CDN) powered by Amazon CloudFront, allowing secure static website hosting without extensive setup. With AWS Amplify Hosting, you can select the location of your objects within your general purpose bucket, deploy your content to a managed CDN, and generate a public HTTPS URL for your website to be accessible anywhere. Deploying a static website using Amplify Hosting provides you with the following benefits and features: + **Deployment to the AWS content delivery network (CDN) powered by Amazon CloudFront** - CloudFront is a web service that speeds up distribution of your static and dynamic web content to your users. CloudFront delivers your content through a worldwide network of data centers called edge locations. When a user requests content that you're serving with CloudFront, the request is routed to the edge location that provides the lowest latency (time delay), so that content is delivered with the best possible performance, increased reliability and availability. For more information, see [How CloudFront delivers content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/HowCloudFrontWorks.html) in the *Amazon CloudFront Developer Guide*. + **HTTPS support** - Provides secure communication and data transfer between your website and a user’s web browser. + **Custom domains** - Easily connect your website to a custom URL purchased from a domain registrar such as Amazon Route 53. + **Custom SSL certificates** - When you set up your custom domain, you can use the default managed certificate that Amplify provisions for you or you can use your own custom certificate purchased from the third-party certificate authority of your choice. + **Built in metrics and CloudWatch monitoring** - Monitor traffic, errors, data transfer, and latency for your website. + **Password protection** - Restrict access to your website, by setting up a username and password requirement in the Amplify console. + **Redirects and rewrites ** - Create redirect and rewrite rules in the Amplify console to enable a web server to reroute navigation from one URL to another. When you deploy your application from an Amazon S3 general purpose bucket to Amplify Hosting, AWS charges are based on Amplify's pricing model. For more information, see [AWS Amplify Pricing](https://aws.amazon.com/amplify/pricing/). **Important** Amplify Hosting is not available in all of the AWS Regions where Amazon S3 is available. To deploy a static website to Amplify Hosting, the Amazon S3 general purpose bucket containing your website must be located in a region where Amplify is available. For the list of regions where Amplify is available, see [Amplify endpoints](https://docs.aws.amazon.com/general/latest/gr/amplify.html#amplify_region) in the *Amazon Web Services General Reference*. You can start the deployment process from the Amazon S3 console, the Amplify console, the AWS CLI, or the AWS SDKs. You can only deploy to Amplify from a general purpose bucket located in your own account. Amplify doesn't support cross-account bucket access. Use the following instructions to deploy a static website from an Amazon S3 general purpose bucket to Amplify Hosting starting from the Amazon S3 console. ## Deploying a static website to Amplify from the S3 console **To deploy a static website from the Amazon S3 console** 1. Sign in to the AWS Management Console and open the Amazon S3 console at [https://console.aws.amazon.com/s3/](https://console.aws.amazon.com/s3/). 1. In the left navigation pane, choose **Buckets**. 1. In the **Buckets** list, choose the general purpose bucket that contains the website you want to deploy to Amplify Hosting. 1. Choose the **Properties** tab. 1. Under **Static website hosting**, choose **Create Amplify app**. At this step, the deployment process will move to the Amplify console. 1. On the **Deploy with S3 ** page, do the following steps. 1. For **App name**, enter the name of your app or website. 1. For **Branch name**, enter the name of your app's backend. 1. For **S3 location of objects to host**, either enter the directory path to your general purpose bucket or choose **Browse S3** to locate and select it. 1. Choose **Save and deploy**. **Note** If you update any of the objects for a static website in your general purpose bucket hosted on Amplify, you must redeploy the application to Amplify Hosting to cause the changes to take effect. Amplify Hosting doesn't automatically detect changes to your bucket. For more information, see [Updating a static website deployed to Amplify from an S3 bucket](https://docs.aws.amazon.com//amplify/latest/userguide/update-website-deployed-from-s3.html) in the *AWS Amplify Hosting User Guide*. To start directly from the Amplify console, see [Deploying a static website from S3 using the Amplify console](https://docs.aws.amazon.com//amplify/latest/userguide/deploy--from-amplify-console.html) in the *AWS Amplify Hosting User Guide*. To get started using the AWS SDKs, see [Creating a bucket policy to deploy a static website from S3 using the AWS SDKs](https://docs.aws.amazon.com//amplify/latest/userguide/deploy-with-sdks.html) in the *AWS Amplify Hosting User Guide*.