#aws #how-to

Setup custom AWS CloudFront CNAME

Part of: Hosting Obsidian S3 media publicly

AWS CloudFront distributions provide a random subdomain (e.g. a2cc2124adda.cloudfront.net), which comes with an SSL certificate.
If we want to use a custom domain name, we have to also setup an SSL certificate.

Here's the summary to save the trips to the various guides scattered around AWS docs.

Assuming we want to point an AWS CloudFront to use assets.example.com:

  1. On AWS Certificate Manager (ACM)
    • Create a new public certificate
    • NB: The region must be US-East N. Virginia!
    • You can also get it from somewhere else and import it
  2. On the DNS provider:
    • Add verification CNAME
    • Add CNAME and pointing from domain to distribution domain, e.g. assets.example.com -> a2cc2124adda.cloudfront.net
  3. Ensure it all works:
> dig assets.example.com
# ....
assets.example.com.	13104	IN	CNAME	a2cc2124adda.cloudfront.net.
# a2cc2124adda.cloudfront.net. 54 IN	A	3.162.78.124
# ....
  1. On AWS CloudFront
    • Find the distribution
    • Settings -> Edit
    • Set up the CNAME from the previous step, i.e. assets.example.com
    • Set up the certificate created above
  2. Done, your images should now be accessible through your prefered domain! 🍰