AWS Static Website with Terraform
Fully automated static website deployment on AWS using Terraform. Implements best practices with private S3 bucket, CloudFront CDN with HTTPS, and Origin Access Control for secure content delivery.
Architecture
Infrastructure Components:
- Private S3 Bucket: Zero public access, completely private
- CloudFront CDN: Global content delivery with HTTPS enforcement
- Origin Access Control (OAC): Only CloudFront can read from S3 using SigV4 signing
Security Implementation
- S3 bucket has no public access
- CloudFront signs every request to S3 using SigV4 via OAC
- HTTPS enforced for all traffic
- Production-grade static hosting best practices
Automation
- Modular Terraform: 3 modules (s3, cloudfront, upload)
- One Command Deploy:
terraform apply - One Command Destroy:
terraform destroy
Stack
- Infrastructure: Terraform
- Cloud: AWS (S3, CloudFront, IAM)
- Security: Origin Access Control (OAC), SigV4
- CDN: CloudFront with HTTPS