What I've done:
created and registered a domain
got an ssl certificate from ACM, creatied the relevant CNAME records.
Created the cloud front distribution with origin as the website endpoint, and recognizing all domains that have CNAMEs in the hosted zone for the domain/acm cert.
The S3 bucket website endpoint is still accessible (and unsecured). I would like to only have the registered domain (and cloud front url, if necessary) accessible - I'm trying to remove the s3 bucket website endpoint for public access in browsers.
# What I've tried:
# Current Thoughts:
this is my first post so sorry about any formatting issues.
Yes, you can hide/disable the S3 Website Endpoint and use a private bucket as the origin for CloudFront Distribution.
Your thought process is correct.
To make sure everything is working, we can go back to the beginning:
Here are some step-by-step tutorials about how to do it:
If you are using infrastructure-as-code via CDK, I have a construct example:
You can extend it and add your custom domain/SSL as needed.