Tweet
Tweet

Slide 1

Slide 1 text

Amazon CloudFront with AWS Certificate Manager @Amimoto_Ami amimoto-ami.com

Slide 2

Slide 2 text

Architecture

Slide 3

Slide 3 text

Amazon CloudFront AWS Certificate Manager w )JHITQFFEDPOUFOUEFMJWFSZ
 VTJOH$%/ w "VUPNBUFE44-DFSUJpDBUF
 NBOBHFNFOU $BOCFNBEF

Slide 4

Slide 4 text

Get SSL certification Workflow Preparations

Slide 5

Slide 5 text

Preparation

Slide 6

Slide 6 text

ɾadministrator@your_domain ɾhostmaster@your_domain ɾpostmaster@your_domain ɾwebmaster@your_domain ɾadmin@your_domain 7BMJEBUJPOFNBJMBEESFTT

Slide 7

Slide 7 text

If you have validation e-mail address and receive mails to it, no setting are required any more. 7BMJEBUJPOFNBJMBEESFTT

Slide 8

Slide 8 text

If you have no validation e-mail address, follow these steps to receive mails through AWS SES. 7BMJEBUJPOFNBJMBEESFTT

Slide 9

Slide 9 text

Set up Amazon SES Workflow Create S3 bucket Preparation

Slide 10

Slide 10 text

Set up Amazon SES Workflow Create S3 bucket Preparation

Slide 11

Slide 11 text

Amazon S3 w "NB[PO4JNQMF4UPSBHF4FSWJDF w &BTZUPVTFPCKFDUTUPSBHFTFSWJDF w 8F`MMVTFJUGPSTUPSFNFTTBHFT4&4 "NB[PO4

Slide 12

Slide 12 text

Add bucket policy Workflow Create S3 bucket

Slide 13

Slide 13 text

Add bucket policy Workflow Create S3 bucket

Slide 14

Slide 14 text

No content

Slide 15

Slide 15 text

Click [Create Bucket]

Slide 16

Slide 16 text

Input Bucket Name and Region then click [Create]

Slide 17

Slide 17 text

Add bucket policy Workflow Create S3 bucket

Slide 18

Slide 18 text

Click [Add bucket policy] in Permissions section in Properties

Slide 19

Slide 19 text

Edit Bucket Policy then [Save]

Slide 20

Slide 20 text

Bucket Policy https://docs.aws.amazon.com/ses/latest/DeveloperGuide/ receiving-email-permissions.html

Slide 21

Slide 21 text

Set up Amazon SES Workflow Create S3 bucket Preparation

Slide 22

Slide 22 text

Amazon SES w "NB[PO4JNQMF&NBJM4FSWJDF w 4FOESFDFJWFFNBJMTFSWJDF w 8F`MMVTFJUGPS$MPVE'SPOU
 FNBJMWFSJpDBUJPO "NB[PO4&4

Slide 23

Slide 23 text

Testing e-mail Workflow Create a Receipt Rule

Slide 24

Slide 24 text

No content

Slide 25

Slide 25 text

Email Receiving — [Rule Sets] — [Create a Receipt Rule]

Slide 26

Slide 26 text

Click [Add Recipient] after fill in e-mail address to Recipient

Slide 27

Slide 27 text

Set displayed records to your DNS server. If your DNS is Route53, simply click [Use Route 53].

Slide 28

Slide 28 text

After clicking [Use Route 53], some checkbox will appear. Check them all then [Create Record Sets]. (only for Route 53 user)

Slide 29

Slide 29 text

Select created S3 bucket click [Next]

Slide 30

Slide 30 text

Fill in the [Rule name] then click [Next Step]

Slide 31

Slide 31 text

Setting confirmation. After confirmation, click [Create Rule Set]

Slide 32

Slide 32 text

Status turns to Enabled when you completed DNS configuration and its verification.

Slide 33

Slide 33 text

Testing e-mail Workflow Create a Receipt Rule

Slide 34

Slide 34 text

Send test mail to created e-mail address from your favourite mail client software.

Slide 35

Slide 35 text

If you find a file except AMAZON_SES_SETUP_NOTIFICATION file in S3 bucket, settings are working correct.

Slide 36

Slide 36 text

Get SSL certification

Slide 37

Slide 37 text

CloudFront Workflow Certificate Manager

Slide 38

Slide 38 text

CloudFront Workflow Certificate Manager

Slide 39

Slide 39 text

AWS Certificate Manager • SSL certification provided by AWS • Available for CloudFront and ELB • No additional fee • Automatically renewal "84$FSUJpDBUF.BOBHFS

Slide 40

Slide 40 text

No content

Slide 41

Slide 41 text

Click [Get started]

Slide 42

Slide 42 text

Input your domain name to [Domain name] field then click [Review and request]

Slide 43

Slide 43 text

After confirmation, click [Confirm and request]

Slide 44

Slide 44 text

Click [Continue]

Slide 45

Slide 45 text

You’ll see list of certificate status of domains

Slide 46

Slide 46 text

Open the verification URL with your browser in the mail in S3 bucket

Slide 47

Slide 47 text

Open verification URL with your browser, 
 then click [I Approve]

Slide 48

Slide 48 text

Success! Congratulations! You finally get SSL certification

Slide 49

Slide 49 text

Also you can check certificate request status on AWS console.

Slide 50

Slide 50 text

CloudFront Workflow Certificate Manager

Slide 51

Slide 51 text

Amazon CloudFront • AWS managed CDN service • Low latency and reduce server loads • Supports failover if a failure "NB[PO$MPVE'SPOU

Slide 52

Slide 52 text

No content

Slide 53

Slide 53 text

Choose the distribution you wants to add SSL in Distributions

Slide 54

Slide 54 text

Click [Edit] in General tab

Slide 55

Slide 55 text

Select created SSL certification in Custom SSL Certificate

Slide 56

Slide 56 text

You can see that SSL certificate is set to your domain.
 It takes a little while.

Slide 57

Slide 57 text

http://amimoto-ami.com/slack/ Feel free to contact us:

Slide 58

Slide 58 text

@Amimoto_Ami amimoto-ami.com THANK YOU! Amazon CloudFront + AWS Certificate Manager