Using AWS to Host a Static Website - Part 5
- Jamie Tyler
- Aws
- December 24, 2024
In part 4 I did a walkthrough of creating an Amazon Route 53 public hosted zone. If AWS is the registrar, that step is not required, as AWS creates the hosted zone as part of the registration. It just made sense to walk through the steps for completeness. In this post I am walking through the steps to create SSL certificates and validate them using DNS validation. This is achieved using AWS Certificate Manager.
The Sequence
- Retrieve the Hosted Zone ID for the domain that will be used
- Create the SSL certificates for the apex domain and www
- Use DNS validation for the SSL certificates
Retrieve the Hosted Zone ID
This is easily done using the AWS CLI. This has been tested on macOS.
aws route53 list-hosted-zones-by-name --dns-name nostrom0.cloud \
--query 'HostedZones[?Name==`nostrom0.cloud.`].Id' --output text --region us-east-1 | sed 's/\/hostedzone\///'
This command:
- Gets the hosted zone information
- Filters for a specific domain, e.g. nostrom0.cloud
- Extracts just the ID
- Removes the '/hostedzone/' prefix using sed
The CloudFormation Template
This CloudFormation template is available here.
AWSTemplateFormatVersion: "2010-09-09"
Description: "ACM Certificate with DNS Validation for domain and www subdomain"
Parameters:
  DomainName:
    Type: String
    Description: "The domain name for the certificate (e.g., example.com)"
  HostedZoneId:
    Type: String
    Description: "The Route 53 Hosted Zone ID"
  TagValue:
    Type: String
    Description: "The tag value for the certificate"
Resources:
  Certificate:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: !Ref DomainName
      SubjectAlternativeNames:
        - !Sub "www.${DomainName}"
      ValidationMethod: DNS
      DomainValidationOptions:
        - DomainName: !Ref DomainName
          HostedZoneId: !Ref HostedZoneId
        - DomainName: !Sub "www.${DomainName}"
          HostedZoneId: !Ref HostedZoneId
      Tags:
        - Key: workload
          Value: !Ref TagValue
Outputs:
  CertificateArn:
    Description: "ARN of the created certificate"
    Value: !Ref Certificate
The parameter file:
[
  {
    "ParameterKey": "DomainName",
    "ParameterValue": "INSERT_DOMAIN_NAME"
  },
  {
    "ParameterKey": "HostedZoneId",
    "ParameterValue": "INSERT_HOSTED_ZONE_ID"
  },
  {
    "ParameterKey": "TagValue",
    "ParameterValue": "INSERT_DOMAIN_NAME"
  }
]
Deploying the CloudFormation Template
aws cloudformation create-stack --stack-name STACKNAME --template-body file://acm-ssl-certificates.yaml \
--parameters file://parameters.json --region us-east-1
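STACKNAME can be whatever you choose, but I recommend making it meaningful. The stack is created in us-east-1 because CloudFront only accepts ACM certificates from that region.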
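The steps above combined into one script, as an added example that is not part of the original post. The function names, the script name deploy-cert.sh and the stack name my-cert-stack are hypothetical, and the hosted zone ID pattern it checks is an assumption. It refuses to continue unless exactly one hosted zone matches, and it validates the domain before writing parameters.json.

```bash
# Added example: the post's steps as one script. Function names are hypothetical.

# Reduce the raw `--output text` result to one bare hosted zone ID.
# Fails when zero or several zones match (for example a public and a private
# zone with the same name), so an ambiguous ID never reaches CloudFormation.
normalize_zone_id() {
  local raw="$1" id result="" count=0
  for id in $raw; do
    id="${id#/hostedzone/}"
    case "$id" in
      [!Z]*|*[!A-Z0-9]*) echo "unexpected zone id: $id" >&2; return 1 ;;  # assumed ID shape
    esac
    result="$id"; count=$((count + 1))
  done
  [ "$count" -eq 1 ] || { echo "expected 1 hosted zone, found $count" >&2; return 1; }
  printf '%s\n' "$result"
}

# Emit parameters.json for the template. The domain must pass a conservative
# hostname check, so nothing that needs JSON escaping can be written.
render_params() {
  local domain="$1" zone_id="$2"
  case "$domain" in
    *[!a-z0-9.-]*|[.-]*|*[.-]|*..*) echo "bad domain: $domain" >&2; return 1 ;;
    *.*) ;;
    *) echo "bad domain: $domain" >&2; return 1 ;;
  esac
  printf '[{"ParameterKey":"DomainName","ParameterValue":"%s"},' "$domain"
  printf '{"ParameterKey":"HostedZoneId","ParameterValue":"%s"},' "$zone_id"
  printf '{"ParameterKey":"TagValue","ParameterValue":"%s"}]\n' "$domain"
}

deploy() {
  local domain="$1" stack="$2" region=us-east-1 raw zone arn
  raw=$(aws route53 list-hosted-zones-by-name --dns-name "$domain" \
    --query "HostedZones[?Name=='${domain}.'].Id" --output text) || return 1
  zone=$(normalize_zone_id "$raw") || return 1
  render_params "$domain" "$zone" > parameters.json || return 1
  aws cloudformation create-stack --stack-name "$stack" --region "$region" \
    --template-body file://acm-ssl-certificates.yaml --parameters file://parameters.json || return 1
  # The stack only completes once ACM has validated both names via DNS.
  aws cloudformation wait stack-create-complete --stack-name "$stack" --region "$region" || return 1
  arn=$(aws cloudformation describe-stacks --stack-name "$stack" --region "$region" \
    --query "Stacks[0].Outputs[?OutputKey=='CertificateArn'].OutputValue" --output text) || return 1
  # Show the certificate status (expect ISSUED) and the names it covers.
  aws acm describe-certificate --certificate-arn "$arn" --region "$region" \
    --query 'Certificate.[Status,SubjectAlternativeNames]' --output json
}
# Runs only with two arguments, e.g.: ./deploy-cert.sh nostrom0.cloud my-cert-stack
if [ "$#" -eq 2 ]; then deploy "$1" "$2"; fi
```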
Conclusion
With a very simple CloudFormation template and a parameter file, there is a repeatable way of setting up SSL certificates using AWS Certificate Manager. In the next post I will walk through creating the Amazon CloudFront distribution.