Static Website Hosting on Amazon S3
May 18, 2025
To host a static website on Amazon S3 with optional enhancements such as a custom domain via Route 53, global content delivery through CloudFront, and HTTPS security using AWS Certificate Manager.

AWS Services Used to host website
Amazon S3 (Simple Storage Service)
- Purpose: Stores and serves static files (HTML, CSS, JavaScript, images).
- Key Features:
- Highly durable and scalable object storage.
- Static website hosting with a public endpoint.
- Access management through Bucket Policies and IAM.
- Usage:
- Hosts your static website content.
- Configured for public read access.
- Can be integrated with CloudFront for better performance and cost optimization.
Amazon Route 53 (Optional - For Custom Domain Setup)
- Purpose: Domain Name System (DNS) service to map domain names to AWS resources.
- Key Features:
- Scalable and reliable DNS with support for custom domains.
- Alias Records to route traffic to S3 or CloudFront.
- Domain registration and DNS management.
- Usage:
- Points a domain like www.example.com to your website hosted in S3 or CloudFront.
Amazon CloudFront (Optional - For Performance & Security)
- Purpose: Global CDN to cache and distribute content closer to users.
- Key Features:
- Low-latency content delivery using AWS edge locations.
- SSL/TLS encryption (HTTPS support).
- DDoS protection and origin shielding.
- Usage:
- Speeds up website access globally.
- Enables HTTPS and security headers.
- Reduces S3 bandwidth and cost by caching assets.
AWS IAM (Identity and Access Management)
- Purpose: Controls access to AWS services and resources.
- Key Features:
- Policy-based access control.
- Fine-grained permissions.
- Supports roles, users, and groups.
- Usage:
- Manages who can access the S3 bucket and what they can do.
- Public read access is granted for website content.
AWS Certificate Manager (ACM) (Optional - For HTTPS)
- Purpose: Provides and manages SSL/TLS certificates.
- Key Features:
- Free public certificates.
- Automatic renewal.
- Integrates with CloudFront and Elastic Load Balancing.
- Usage:
- Issues HTTPS certificate for your custom domain.
- Enables secure browsing via HTTPS.
Step-by-Step Implementation on Static Website Hosting on Amazon S3
Step 1: Create an S3 Bucket and Upload Website Files
- Navigate to the S3 console.
- Click Create Bucket.
- Set a unique name (e.g., my-static-website) and choose a region.
- Uncheck "Block all public access" in the permissions section.
- Create the bucket.
- Upload your website files (index.html, styles.css, etc.) to the bucket.

Step 2: Enable Static Website Hosting
- In your S3 bucket, go to the Properties tab.
- Scroll to Static website hosting and click Edit.
- Select Enable, choose “Host a static website”.
- Specify the entry point file (e.g., index.html) and error page if needed (e.g., error.html).
- Save changes.
- Copy the website endpoint URL—you'll use this to access your site.


Step 3: Set Bucket Policy for Public Read Access
- Go to the Permissions tab > Bucket Policy.
- Add the following policy, replacing <your-bucket-name>:
✅ This allows the public to read all files in your bucket, necessary for static hosting.
🔒 Security Note: Only use this for non-sensitive, public content. Don’t store private files here.

Step 4: Map a Custom Domain Using Route 53 (Optional)
- Navigate to Route 53.
- Create a Hosted Zone for your domain (e.g., example.com).
- Create a Record Set (Type: A, Alias: Yes) pointing to your S3 Website Endpoint.
- If using www.example.com, create a CNAME pointing to example.com or the appropriate alias.
Step 5: Configure CloudFront for CDN Delivery (Optional)
- Go to CloudFront > Create Distribution.
- Choose Web and set:
- Origin Domain: Your S3 bucket.
- Viewer Protocol Policy: Redirect HTTP to HTTPS.
- Default Root Object: index.html.
- (Optional) Enable Caching, Geo Restrictions, or WAF.
- Choose your ACM SSL Certificate if HTTPS is required.
- Create the distribution and wait for it to deploy.
- Update your Route 53 record to point to the CloudFront distribution.

Step 6: Set Up HTTPS with AWS Certificate Manager (Optional)
- Navigate to AWS Certificate Manager (ACM).
- Click Request Certificate > Public Certificate.
- Enter your domain (e.g., www.example.com).
- Choose DNS Validation.
- Validate your domain through Route 53.
- Attach this certificate to your CloudFront distribution for secure HTTPS access.

Step 7: Test and Verify Your Website
- Access the site using:
- S3 website endpoint (e.g., http://my-static-website.s3-website-us-east-1.amazonaws.com)
- Or custom domain (e.g., https://www.example.com) if configured.
- Verify:
- All static assets (CSS, JS, images) load correctly.
- HTTPS is working (if enabled).
Performance via Google PageSpeed Insights or Lighthouse.
Security Tips
- Use S3 Object Ownership settings to manage access via ACL or bucket policies.
- Never store sensitive data in publicly accessible buckets.
- Use AWS WAF + CloudFront for DDoS protection.
- Monitor with CloudWatch and AWS Config for audit trails.