AWS Project: Secure Static Hosting with S3 + CloudFront OAC | Week 4 Practical Devops bootcamp скачать в хорошем качестве

AWS Project: Secure Static Hosting with S3 + CloudFront OAC | Week 4 Practical Devops bootcamp

Securing S3 Static Websites with Amazon CloudFront (OAC) | Practical DevOps Week 4 In this video, I walk through the Week 4 project of the Practical DevOps series. The goal is to move beyond basic S3 hosting by implementing a secure, professional architecture using Amazon CloudFront and Origin Access Control (OAC). Many beginners leave their S3 buckets public, which is a significant security risk. Here, I demonstrate how to keep your bucket private while still serving your website globally with low latency. 📑 What’s covered in this demo: S3 Setup: Creating a bucket and enabling Static Website Hosting. Security First: Keeping "Block Public Access" enabled to protect the origin. CloudFront Distribution: Setting up a CDN to serve content from edge locations. OAC Configuration: Generating and applying the S3 Bucket Policy to allow CloudFront-only access. Deployment & Testing: Verifying the site works via the CloudFront URL while the S3 URL remains restricted. 🛠️ Tools Used: Amazon S3: Object storage for website assets (HTML, CSS, JS). Amazon CloudFront: Content Delivery Network (CDN) for caching and SSL. AWS IAM/OAC: To manage secure permissions between services. 💡 Why this architecture? By using CloudFront, we ensure that our website is delivered with high speed to users regardless of their location, while the S3 bucket remains invisible to the public internet—aligning with the Principle of Least Privilege.