Skip to content

Deploy the solution

Before you launch the solution, review the architecture, supported regions, and other considerations discussed in this guide. Follow the step-by-step instructions in this section to configure and deploy the solution into your account.

Deploy the Web Console

Time to deploy: Approximately 15 minutes

Deployment steps

  1. Sign in to the AWS Management Console and select the button to launch the CloudFormation template. You can also download the template as a starting point for your own implementation.

    Deploy

  2. The template launches in the US East (N. Virginia) Region by default. To launch the solution in a different AWS Region, use the Region selector in the console navigation bar. See regional deployment for all the supported regions.

  3. Under Parameters, review the parameters for the template, and modify them as necessary.

    Parameter Default value Description
    Initial User Email - The initial user email for the web console.
    Initial User Name - The initial username for the web console.
    Initial User Password - The Initial Password for the web console.
    Notification Email - Email address to receive SSL certificates notification.
    CloudFront Log Type no You can set it to yes-Realtime to get monitoring metrics from realtime loge, or set it toyes-Non-Realtime to get monitoring metrics from standard log. By default, it is no, which means it will not deploy monitoring feature. See Monitoring for more information.
    CloudFront Domain List - The CloudFront domain name list. Use comma as separation for multiple domain names. Use 'ALL' to monitoring all domains in your AWS account
    Log Keeping Days 120 The number of days to keep CloudFront logs in the S3 bucket.
    Delete Log false You can set it to true to delete original CloudFront standard logs in S3 bucket. By default, it is false. This only applies to non-realtime monitoring
    Use Start Time false You can set it to true if the Time in metric data is based on start time, or set it to false if the Time in metric data is based on end time. This only applies to non-realtime monitoring

  4. Choose Next.

  5. On the Configure stack options page, you can specify tags (key-value pairs) for resources in your stack and set additional options, and then choose Next.
  6. On the Review page, review and confirm the settings. Check the boxes acknowledging that the template will create AWS Identity and Access Management (IAM) resources and any additional capabilities required.
  7. Choose Create to deploy the stack.

You can view the status of the stack in the CloudFormation Console in the Status column. You should receive a CREATE_COMPLETE status in approximately 15 minutes.

Follow-up Actions

To see details for the stack resources, choose the Outputs tab.

  • You will find CloudFront Extensions console URL in WebConsoleCloudFrontURL. The initial user name and password are defined in InitialUserName and InitialUserPassword parameters when you deploy the CloudFormation stack. The API keys of snapshot and SSL certificates can be found in Outputs tab, For testing your API with API key, see test usage plans.
  • As for monitoring API, the solution will create a nested stack whose name contains NonRealtimeNestedStack or RealtimeNestedStack, and you will find the monitoring metric API and API key in the Outputs tab of the nested stack.

The CloudFormation stack deploys below modules:

  • Monitoring: If you set Monitoring to yes-Realtime or yes-Non-Realtime, it will deploy the monitoring feature. See monitoring for more details.
  • Distribution management: you can manage snapshots and SSL certificates. See distribution management for more details.
  • Extensions repository: you can deploy a set of ready-to-use extensions (Lambda@Edge functions, CloudFront functions, CloudFormation templates). See extensions repository for more details.

Deploy Lambda@Edge & CloudFront Functions collection

Time to deploy: Approximately 3 minutes

Deployment overview

Click below deploy button to deploy this solution in your AWS account. As for Lambda@Edge functions, you can also find and configure them by searching aws-cloudfront-extensions in the Amazon SAR (Serverless Application Repository).

Lambda@Edge

Name Deploy
Authentication with Cognito Deploy
Resize picture Deploy
Rate limit Deploy
Anti-hotlinking Deploy
Adding security header Deploy
Serve content based on device type Deploy
Cross origin resource sharing Deploy
Modify response status code Deploy
Modify response header Deploy
Access origin by weight rate Deploy
Failover to alternative origin Deploy
Support 302 from origin Deploy
Standardize query string Deploy
Authentication with Alibaba Cloud Deploy
Rewrite host for custom origin Deploy
Serverless load balancer Deploy
Custom response with new URL Deploy

CloudFront Functions

Name Deploy
Add security headers Deploy
Cross origin resource sharing Deploy
Add cache control headers Deploy
Add origin headers Deploy
Add true client IP headers Deploy
Redirect based on country Deploy
Default dir index Deploy
Verify JSON web token Deploy
Customize request host Deploy

Lambda@Edge Deployment in SAR

  1. Access the AWS Serverless Application Repository page in the Console.
  2. Check Show apps that create custom IAM roles or resource policies.
  3. Search aws-cloudfront-extensions to display all extensions, and choose an application (for example, serving-based-on-device) and click Deploy.
  4. On the application detail page, check I acknowledge that this app creates custom IAM roles.
  5. Choose Deploy. After the deployment is completed, it will redirect to Lambda application page, and you can deploy it to Lambda@Edge.