Static website with HTTPS and customized domain using S3, CloudFront and Route 53

1 Create an S3 bucket named demo.example.com

2 Create an IAM user (user-demo.example.com) for uploading content

3 Update the S3 bucket policy (replace the AWS account, bucket name and username with your own values)

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "PublicReadGetObject",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::demo.example.com/*"
        },
        {
            "Sid": "Allow-deployment-To-Bucket",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<aws-account>:user/user-demo.example.com"
            },
            "Action": [
                "s3:ListBucket",
                "s3:PutObject",
                "s3:PutObjectAcl",
                "s3:GetObject",
                "s3:GetObjectAcl",
                "s3:DeleteObject"
            ],
            "Resource": [
                "arn:aws:s3:::demo.example.com",
                "arn:aws:s3:::demo.example.com/*"
            ]
        }
    ]
}

4 Enable static website hosting in the S3 bucket properties and record the endpoint, which looks like this:

http://demo.example.com.s3-website-us-west-2.amazonaws.com

5 Upload content to S3 and test the website using the above URL

6 Request an SSL certificate for your own domain using “Certificate Manager”

7 Create a Web distribution in CloudFront using the settings below

Origin Domain Name: demo.example.com.s3-website-us-west-2.amazonaws.com
Alternate Domain Name: demo.example.com
SSL Certificate: Custom SSL Certificate (choose the certificate requested in the previous step)

It takes some time for this to take effect.

If you need to update website content, you might need to invalidate CloudFront edge caches in some cases.

8 Create a CNAME record in Route 53 for your domain and point it to the CloudFront domain name

Once DNS is working, you should be able to access your website using HTTPS with your own domain.
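
A check for the bucket policy from step 3, as an added example that is not part of the original page: it reports any Allow statement where the anonymous principal gets more than s3:GetObject on objects, or where a named principal gets a wildcard action. The function names and the widened WEAK_POLICY are constructed for illustration, and Condition, NotAction and NotPrincipal are assumed absent and not evaluated.

```python
import copy

PUBLIC_OK = {"s3:getobject"}  # the only action the page grants to everyone

def _as_list(value):
    """Policy fields may hold one string/dict or a list of them."""
    return [value] if isinstance(value, (str, dict)) else list(value or [])

def _is_anonymous(principal):
    """True for "Principal": "*" and for {"AWS": "*"} or {"AWS": ["*"]}."""
    aws = principal.get("AWS") if isinstance(principal, dict) else None
    return principal == "*" or "*" in _as_list(aws)

def audit_bucket_policy(policy, bucket):
    """List Allow statements that expose more than anonymous object reads.
    Assumption: Condition, NotAction and NotPrincipal are not evaluated."""
    findings = []
    object_prefix = f"arn:aws:s3:::{bucket}/"
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = _as_list(stmt.get("Action"))
        if _is_anonymous(stmt.get("Principal")):
            for action in actions:  # IAM action names are case-insensitive
                if action.lower() not in PUBLIC_OK:
                    findings.append(f"{sid}: anonymous principal may call {action}")
            for arn in _as_list(stmt.get("Resource")):
                if not arn.startswith(object_prefix):
                    findings.append(f"{sid}: anonymous statement covers {arn}")
        elif any("*" in action for action in actions):
            findings.append(f"{sid}: wildcard action granted to a named principal")
    return findings

# The policy from step 3; <aws-account> is the page's own placeholder.
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicReadGetObject", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::demo.example.com/*"},
    {"Sid": "Allow-deployment-To-Bucket", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::<aws-account>:user/user-demo.example.com"},
     "Action": ["s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl",
                "s3:GetObject", "s3:GetObjectAcl", "s3:DeleteObject"],
     "Resource": ["arn:aws:s3:::demo.example.com",
                  "arn:aws:s3:::demo.example.com/*"]}]}

# Constructed variant: the public statement widened to listing the bucket itself.
WEAK_POLICY = copy.deepcopy(PAGE_POLICY)
WEAK_POLICY["Statement"][0]["Action"] = ["s3:GetObject", "s3:ListBucket"]
WEAK_POLICY["Statement"][0]["Resource"] = PAGE_POLICY["Statement"][1]["Resource"]
print(audit_bucket_policy(WEAK_POLICY, "demo.example.com"))
```

The page's policy produces no findings; the widened variant is flagged both for s3:ListBucket and for covering the bucket ARN.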


© 2015-2020 tendant