Deploy the solution
Before you launch the solution, review the architecture, supported regions, and other considerations discussed in this guide. Follow the step-by-step instructions in this section to configure and deploy the solution into your account.
Deploy the Web Console
Time to deploy: Approximately 15 minutes
Deployment steps
-
Sign in to the AWS Management Console and select the button to launch the CloudFormation template. You can also download the template as a starting point for your own implementation.
-
The template launches in the US East (N. Virginia) Region by default. To launch the solution in a different AWS Region, use the Region selector in the console navigation bar. See regional deployment for all the supported regions.
-
Under Parameters, review the parameters for the template, and modify them as necessary.
Parameter Default value Description Initial User Email - The initial user email for the web console. Initial User Name - The initial username for the web console. Initial User Password - The Initial Password for the web console. Notification Email - Email address to receive SSL certificates notification. CloudFront Log Type no You can set it to yes-Realtimeto get monitoring metrics from realtime loge, or set it toyes-Non-Realtimeto get monitoring metrics from standard log. By default, it isno, which means it will not deploy monitoring feature. See Monitoring for more information.CloudFront Domain List - The CloudFront domain name list. Use comma as separation for multiple domain names. Use 'ALL' to monitoring all domains in your AWS account Log Keeping Days 120 The number of days to keep CloudFront logs in the S3 bucket. Delete Log false You can set it to trueto delete original CloudFront standard logs in S3 bucket. By default, it isfalse. This only applies to non-realtime monitoringUse Start Time false You can set it to trueif the Time in metric data is based on start time, or set it tofalseif the Time in metric data is based on end time. This only applies to non-realtime monitoring -
Choose Next.
- On the Configure stack options page, you can specify tags (key-value pairs) for resources in your stack and set additional options, and then choose Next.
- On the Review page, review and confirm the settings. Check the boxes acknowledging that the template will create AWS Identity and Access Management (IAM) resources and any additional capabilities required.
- Choose Create to deploy the stack.
You can view the status of the stack in the CloudFormation Console in the Status column. You should receive a CREATE_COMPLETE status in approximately 15 minutes.
Follow-up Actions
To see details for the stack resources, choose the Outputs tab.
- You will find CloudFront Extensions console URL in WebConsoleCloudFrontURL. The initial user name and password are defined in InitialUserName and InitialUserPassword parameters when you deploy the CloudFormation stack. The API keys of snapshot and SSL certificates can be found in Outputs tab, For testing your API with API key, see test usage plans.
- As for monitoring API, the solution will create a nested stack whose name contains NonRealtimeNestedStack or RealtimeNestedStack, and you will find the monitoring metric API and API key in the Outputs tab of the nested stack.
The CloudFormation stack deploys below modules:
- Monitoring: If you set Monitoring to yes-Realtime or yes-Non-Realtime, it will deploy the monitoring feature. See monitoring for more details.
- Distribution management: you can manage snapshots and SSL certificates. See distribution management for more details.
- Extensions repository: you can deploy a set of ready-to-use extensions (Lambda@Edge functions, CloudFront functions, CloudFormation templates). See extensions repository for more details.
Deploy Lambda@Edge & CloudFront Functions collection
Time to deploy: Approximately 3 minutes
Deployment overview
Click below deploy button to deploy this solution in your AWS account. As for Lambda@Edge functions, you can also find and configure them by searching aws-cloudfront-extensions in the Amazon SAR (Serverless Application Repository).
Lambda@Edge
| Name | Deploy |
|---|---|
| Authentication with Cognito | |
| [Pre-warm](https://awslabs.github.io/aws-cloudfront-extensions/en/extension-repository/pre-warming/) | [](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=prewarm&templateURL=https://aws-gcr-solutions.s3.amazonaws.com/Aws-cloudfront-extensions/v2.0.0_331/custom-domain/CFEPrewarmStack.template.json) |
| [Pre-warm-use-exist-vpc](https://awslabs.github.io/aws-cloudfront-extensions/en/extension-repository/pre-warming/) | [](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=prewarm&templateURL=https://aws-gcr-solutions.s3.amazonaws.com/Aws-cloudfront-extensions/v2.0.0_331/custom-domain/CFEPrewarmStackUseExistVPC.template.json) |
| Resize picture | |
| Rate limit | |
| Anti-hotlinking | |
| Adding security header | |
| Serve content based on device type | |
| Cross origin resource sharing | |
| Modify response status code | |
| Modify response header | |
| Access origin by weight rate | |
| Failover to alternative origin | |
| Support 302 from origin | |
| Standardize query string | |
| Authentication with Alibaba Cloud | |
| Rewrite host for custom origin | |
| Serverless load balancer | |
| Custom response with new URL | |
CloudFront Functions
Lambda@Edge Deployment in SAR
- Access the AWS Serverless Application Repository page in the Console.
- Check Show apps that create custom IAM roles or resource policies.
- Search aws-cloudfront-extensions to display all extensions, and choose an application (for example, serving-based-on-device) and click Deploy.
- On the application detail page, check I acknowledge that this app creates custom IAM roles.
- Choose Deploy. After the deployment is completed, it will redirect to Lambda application page, and you can deploy it to Lambda@Edge.