{
    "version": "https://jsonfeed.org/version/1",
    "title": "Emmanuel Allen",
    "home_page_url": "https://www.emmanuelallen.com",
    "feed_url": "https://www.emmanuelallen.com/rss/feed.json",
    "description": "Your blog description",
    "icon": "https://www.emmanuelallen.com/favicon.ico",
    "author": {
        "name": "Emmanuel Allen"
    },
    "items": [
        {
            "id": "https://www.emmanuelallen.com/articles/nextjs-static-website-cloudfront-s3",
            "content_html": "<p>While there are many ways to use Next.js to run a website I am most interested\nin it’s static site generation capability. I appreciate it’s ability to provide\na modern website experience to users while also removing the need for server\nside code execution.</p>\n<p>This guide will show you how to host a statically generated Next.js site on AWS\nCloudfront and S3. Github actions and Terraform will be used to create a CI/CD\npipeline to build and deploy changes to the site.</p>\n<p>The versions used for Terraform and the AWS providers are all the latest as of\nJune 16, 2023.</p>\n<h2>Prerequisites</h2>\n<p>Before we get started you are going to do some initial setup:</p>\n<ul>\n<li>Terraform 1.5 installed <a href=\"https://developer.hashicorp.com/terraform/tutorials/aws-get-started/install-cli\">link</a></li>\n<li>AWS CLI installed <a href=\"https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html\">link</a></li>\n<li>AWS Credentials correctly configured on your machine <a href=\"https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html\">link</a></li>\n<li>A purchased domain, I got mine from AWS. <a href=\"https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/domain-register.html\">link</a></li>\n<li>Get a free SSL certificate from ACM(in us-east-1) <a href=\"https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html\">link</a></li>\n</ul>\n<h2>End goal for this guide</h2>\n<ul>\n<li>A static website hosted at <a href=\"https://www.yourdomain.com/\">https://www.yourdomain.com/</a> with a valid SSL certificate</li>\n<li>Requests to the root Domain are redirected to the www subdomain</li>\n<li>A CI/CD pipeline to allow for simple and reliable deployment of updates</li>\n</ul>\n<h2>Next.js SSG</h2>\n<p>First to use Next.js SSG(static site generation) the nextConfig.output needs\nto be set to export and nextConfig.images.unoptimized need to be true. Having\nto turn off image optimization is a limitation of how Next.js Image component\nworks, in the coming week I will write a guide on how to restore image\noptimization functionality.</p>\n<pre class=\"language-javascript\"><code class=\"language-javascript\"><span class=\"token keyword\">const</span> nextConfig <span class=\"token operator\">=</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token literal-property property\">output</span><span class=\"token operator\">:</span> <span class=\"token string\">&#x27;export&#x27;</span><span class=\"token punctuation\">,</span>\n  <span class=\"token literal-property property\">images</span><span class=\"token operator\">:</span> <span class=\"token punctuation\">{</span> <span class=\"token literal-property property\">unoptimized</span><span class=\"token operator\">:</span> <span class=\"token boolean\">true</span> <span class=\"token punctuation\">}</span><span class=\"token punctuation\">,</span>\n  <span class=\"token spread operator\">...</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h2>Terraform</h2>\n<p>These are all the terra</p>\n<h3>S3 bucket for Terraform state files</h3>\n<p>You will need a S3 bucket to hold the Terraform state files. This is the one\npiece of infrastructure that is best to setup manually since it bootstraps\nTerraform. Chose a name for your bucket I have have gone with\n<code>yourdomain-terraform</code> for these examples.</p>\n<p>Once created give it the following policy, replace the iam arn and s3 arn to\nuse your account ID and bucket name. You can also change the Principal to\nrestrict access to a specific user or group.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token punctuation\">{</span>\n  <span class=\"token property\">&quot;Version&quot;</span>: <span class=\"token string\">&quot;2012-10-17&quot;</span>,\n  <span class=\"token property\">&quot;Statement&quot;</span>: <span class=\"token punctuation\">[</span>\n    <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">&quot;Effect&quot;</span>: <span class=\"token string\">&quot;Allow&quot;</span>,\n      <span class=\"token property\">&quot;Principal&quot;</span>: <span class=\"token punctuation\">{</span>\n        <span class=\"token property\">&quot;AWS&quot;</span>: <span class=\"token string\">&quot;arn:aws:iam::1234567890:root&quot;</span>\n      <span class=\"token punctuation\">}</span>,\n      <span class=\"token property\">&quot;Action&quot;</span>: <span class=\"token string\">&quot;s3:ListBucket&quot;</span>,\n      <span class=\"token property\">&quot;Resource&quot;</span>: <span class=\"token string\">&quot;arn:aws:s3:::yourdomain-terraform&quot;</span>\n    <span class=\"token punctuation\">}</span>,\n    <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">&quot;Effect&quot;</span>: <span class=\"token string\">&quot;Allow&quot;</span>,\n      <span class=\"token property\">&quot;Principal&quot;</span>: <span class=\"token punctuation\">{</span>\n        <span class=\"token property\">&quot;AWS&quot;</span>: <span class=\"token string\">&quot;arn:aws:iam::1234567890:root&quot;</span>\n      <span class=\"token punctuation\">}</span>,\n      <span class=\"token property\">&quot;Action&quot;</span>: <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;s3:GetObject&quot;</span>, <span class=\"token string\">&quot;s3:PutObject&quot;</span><span class=\"token punctuation\">]</span>,\n      <span class=\"token property\">&quot;Resource&quot;</span>: <span class=\"token string\">&quot;arn:aws:s3:::yourdomain-terraform/*&quot;</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">]</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>Variables</h3>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token keyword\">variable<span class=\"token type variable\"> &quot;domain_name&quot; </span></span><span class=\"token punctuation\">{</span>\n  <span class=\"token property\">type</span>        <span class=\"token punctuation\">=</span> string\n  <span class=\"token property\">description</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;The domain name for the website.&quot;</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">variable<span class=\"token type variable\"> &quot;common_tags&quot; </span></span><span class=\"token punctuation\">{</span>\n  <span class=\"token property\">description</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;Common tags you want applied to all components.&quot;</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<p>You will need a <code>terraform.tfvars</code> file to set the Terraform variables.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token property\">domain_name</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;yourdomain.com&quot;</span>\n\n<span class=\"token property\">common_tags</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">Project</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;yourdomain&quot;</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>Providers</h3>\n<p>The region can be changed from us-east-2 to one that is closer to you.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token keyword\">terraform</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">required_version</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;~&gt; 1.5&quot;</span>\n\n  <span class=\"token keyword\">required_providers</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">aws</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">source</span>  <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;hashicorp/aws&quot;</span>\n      <span class=\"token property\">version</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;~&gt; 5.2&quot;</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">backend<span class=\"token type variable\"> &quot;s3&quot; </span></span><span class=\"token punctuation\">{</span>\n    <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;yourdomain-terraform&quot;</span>\n    <span class=\"token property\">key</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;prod/terraform.tfstate&quot;</span>\n    <span class=\"token property\">region</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;us-east-2&quot;</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">provider<span class=\"token type variable\"> &quot;aws&quot; </span></span><span class=\"token punctuation\">{</span>\n  <span class=\"token property\">region</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;us-east-2&quot;</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>S3 redirect bucket</h3>\n<p>This buckets job is to redirect all requests from the root domain to the www\nsubdomain.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token comment\"># S3 bucket for redirecting root domain to www subdomain</span>\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket&quot;</span></span> <span class=\"token string\">&quot;root_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> var.domain_name\n  <span class=\"token property\">tags</span>   <span class=\"token punctuation\">=</span> var.common_tags\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_website_configuration&quot;</span></span> <span class=\"token string\">&quot;root_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.root_bucket.id\n  <span class=\"token keyword\">redirect_all_requests_to</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">host_name</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>&quot;</span>\n    <span class=\"token property\">protocol</span>  <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;https&quot;</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>S3 website content buckets</h3>\n<p>There need to be two buckets because we want to be able to serve pages at both\n<a href=\"https://www.yourdomain.com/articles\">https://www.yourdomain.com/articles</a> and <a href=\"https://www.yourdomain.com/articles/article_1\">https://www.yourdomain.com/articles/article_1</a>.</p>\n<p>The bucket for all the content not is a subdirectory.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token comment\"># Policy allowing Cloudfront to get objects from the bucket</span>\n<span class=\"token keyword\">data <span class=\"token type variable\">&quot;aws_iam_policy_document&quot;</span></span> <span class=\"token string\">&quot;www_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token keyword\">statement</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">actions</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n      <span class=\"token string\">&quot;s3:GetObject&quot;</span>,\n    <span class=\"token punctuation\">]</span>\n    <span class=\"token property\">resources</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n      <span class=\"token string\">&quot;arn:aws:s3:::www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>/*&quot;</span>,\n    <span class=\"token punctuation\">]</span>\n    <span class=\"token keyword\">principals</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">type</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;Service&quot;</span>\n      <span class=\"token property\">identifiers</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;cloudfront.amazonaws.com&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token punctuation\">}</span>\n    <span class=\"token keyword\">condition</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">test</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;StringEquals&quot;</span>\n      <span class=\"token property\">values</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span> aws_cloudfront_distribution.www_distribution.arn <span class=\"token punctuation\">]</span>\n      <span class=\"token property\">variable</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;aws:SourceArn&quot;</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token comment\"># S3 bucket for www subdomain</span>\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket&quot;</span></span> <span class=\"token string\">&quot;www_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>&quot;</span>\n  <span class=\"token property\">tags</span>   <span class=\"token punctuation\">=</span> var.common_tags\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_policy&quot;</span></span> <span class=\"token string\">&quot;www_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.www_bucket.id\n  <span class=\"token property\">policy</span> <span class=\"token punctuation\">=</span> data.aws_iam_policy_document.www_bucket.json\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_ownership_controls&quot;</span></span> <span class=\"token string\">&quot;www_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.www_bucket.id\n  <span class=\"token keyword\">rule</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">object_ownership</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;BucketOwnerPreferred&quot;</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_acl&quot;</span></span> <span class=\"token string\">&quot;www_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>aws_s3_bucket_ownership_controls.www_bucket<span class=\"token punctuation\">]</span>\n\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.www_bucket.id\n  <span class=\"token property\">acl</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;private&quot;</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<p>The bucket for all the content in a subdirectory.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token comment\"># Policy allowing Cloudfront to get objects from the bucket</span>\n<span class=\"token keyword\">data <span class=\"token type variable\">&quot;aws_iam_policy_document&quot;</span></span> <span class=\"token string\">&quot;subdirectories_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token keyword\">statement</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">actions</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n      <span class=\"token string\">&quot;s3:GetObject&quot;</span>,\n    <span class=\"token punctuation\">]</span>\n    <span class=\"token property\">resources</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n      <span class=\"token string\">&quot;arn:aws:s3:::www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>-subdirectories/*&quot;</span>,\n    <span class=\"token punctuation\">]</span>\n    <span class=\"token keyword\">principals</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">type</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;Service&quot;</span>\n\n      <span class=\"token property\">identifiers</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;cloudfront.amazonaws.com&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token punctuation\">}</span>\n    <span class=\"token keyword\">condition</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">test</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;StringEquals&quot;</span>\n      <span class=\"token property\">values</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span> aws_cloudfront_distribution.www_distribution.arn <span class=\"token punctuation\">]</span>\n      <span class=\"token property\">variable</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;aws:SourceArn&quot;</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token comment\"># S3 bucket for content subdirectories</span>\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket&quot;</span></span> <span class=\"token string\">&quot;subdirectories_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>-subdirectories&quot;</span>\n  <span class=\"token property\">tags</span>   <span class=\"token punctuation\">=</span> var.common_tags\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_policy&quot;</span></span> <span class=\"token string\">&quot;subdirectories_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.subdirectories_bucket.id\n  <span class=\"token property\">policy</span> <span class=\"token punctuation\">=</span> data.aws_iam_policy_document.subdirectories_bucket.json\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_ownership_controls&quot;</span></span> <span class=\"token string\">&quot;subdirectories_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.subdirectories_bucket.id\n  <span class=\"token keyword\">rule</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">object_ownership</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;BucketOwnerPreferred&quot;</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_s3_bucket_acl&quot;</span></span> <span class=\"token string\">&quot;subdirectories_bucket&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>aws_s3_bucket_ownership_controls.subdirectories_bucket<span class=\"token punctuation\">]</span>\n\n  <span class=\"token property\">bucket</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.subdirectories_bucket.id\n  <span class=\"token property\">acl</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;private&quot;</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>Cloudfront redirecting distribution</h3>\n<p>The arn of you ACM SSL certificate needs to be added manually</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token comment\"># Cloudfront distribution for root domain (redirected to www)</span>\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_cloudfront_distribution&quot;</span></span> <span class=\"token string\">&quot;root_distribution&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n    aws_s3_bucket.root_bucket\n  <span class=\"token punctuation\">]</span>\n\n  <span class=\"token keyword\">origin</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">domain_name</span> <span class=\"token punctuation\">=</span> aws_s3_bucket_website_configuration.root_bucket.website_endpoint\n    <span class=\"token property\">origin_id</span>   <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3-cloudfront&quot;</span>\n\n    <span class=\"token keyword\">custom_origin_config</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">http_port</span>              <span class=\"token punctuation\">=</span> <span class=\"token number\">80</span>\n      <span class=\"token property\">https_port</span>             <span class=\"token punctuation\">=</span> <span class=\"token number\">443</span>\n      <span class=\"token property\">origin_protocol_policy</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;http-only&quot;</span>\n      <span class=\"token property\">origin_ssl_protocols</span>   <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;TLSv1.2&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token property\">enabled</span>         <span class=\"token punctuation\">=</span> <span class=\"token boolean\">true</span>\n  <span class=\"token property\">is_ipv6_enabled</span> <span class=\"token punctuation\">=</span> <span class=\"token boolean\">true</span>\n\n  <span class=\"token property\">aliases</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>var.domain_name<span class=\"token punctuation\">]</span>\n\n  <span class=\"token keyword\">default_cache_behavior</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">allowed_methods</span>  <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;GET&quot;</span>, <span class=\"token string\">&quot;HEAD&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token property\">cached_methods</span>   <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;GET&quot;</span>, <span class=\"token string\">&quot;HEAD&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token property\">target_origin_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3-cloudfront&quot;</span>\n\n    <span class=\"token comment\"># The AWS managed policy CachingOptimizedForUncompressedObjects is used</span>\n    <span class=\"token property\">cache_policy_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;b2884449-e4de-46a7-ac36-70bc7f1ddd6d&quot;</span>\n\n    <span class=\"token property\">viewer_protocol_policy</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;allow-all&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">restrictions</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token keyword\">geo_restriction</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">restriction_type</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;none&quot;</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">viewer_certificate</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">acm_certificate_arn</span>      <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;{arn of acm certificate}&quot;</span>\n    <span class=\"token property\">ssl_support_method</span>       <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;sni-only&quot;</span>\n    <span class=\"token property\">minimum_protocol_version</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;TLSv1.2_2021&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token property\">tags</span> <span class=\"token punctuation\">=</span> var.common_tags\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>Cloudfront content distribution</h3>\n<p>The arn of you ACM SSL certificate needs to be added manually</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_cloudfront_origin_access_control&quot;</span></span> <span class=\"token string\">&quot;s3_access&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">name</span>                              <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3_access_control&quot;</span>\n  <span class=\"token property\">origin_access_control_origin_type</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3&quot;</span>\n  <span class=\"token property\">signing_behavior</span>                  <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;always&quot;</span>\n  <span class=\"token property\">signing_protocol</span>                  <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;sigv4&quot;</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token comment\"># Cloudfront distribution for www subdomain (main website)</span>\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_cloudfront_distribution&quot;</span></span> <span class=\"token string\">&quot;www_distribution&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n    aws_s3_bucket.www_bucket,\n    aws_s3_bucket.subdirectories_bucket\n  <span class=\"token punctuation\">]</span>\n\n  <span class=\"token keyword\">origin</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">domain_name</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.www_bucket.bucket_regional_domain_name\n    <span class=\"token property\">origin_id</span>   <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3-cloudfront&quot;</span>\n\n    <span class=\"token property\">origin_access_control_id</span> <span class=\"token punctuation\">=</span> aws_cloudfront_origin_access_control.s3_access.id\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">origin</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">domain_name</span> <span class=\"token punctuation\">=</span> aws_s3_bucket.subdirectories_bucket.bucket_regional_domain_name\n    <span class=\"token property\">origin_id</span>   <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3-subdirectories&quot;</span>\n\n    <span class=\"token property\">origin_access_control_id</span> <span class=\"token punctuation\">=</span> aws_cloudfront_origin_access_control.s3_access.id\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token property\">enabled</span>             <span class=\"token punctuation\">=</span> <span class=\"token boolean\">true</span>\n  <span class=\"token property\">is_ipv6_enabled</span>     <span class=\"token punctuation\">=</span> <span class=\"token boolean\">true</span>\n  <span class=\"token property\">default_root_object</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;index.html&quot;</span>\n\n  <span class=\"token property\">aliases</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>&quot;</span><span class=\"token punctuation\">]</span>\n\n  <span class=\"token keyword\">custom_error_response</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">error_caching_min_ttl</span> <span class=\"token punctuation\">=</span> <span class=\"token number\">0</span>\n    <span class=\"token property\">error_code</span>            <span class=\"token punctuation\">=</span> <span class=\"token number\">404</span>\n    <span class=\"token property\">response_code</span>         <span class=\"token punctuation\">=</span> <span class=\"token number\">200</span>\n    <span class=\"token property\">response_page_path</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;/404&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">custom_error_response</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">error_code</span>            <span class=\"token punctuation\">=</span> <span class=\"token number\">403</span>\n    <span class=\"token property\">response_code</span>         <span class=\"token punctuation\">=</span> <span class=\"token number\">200</span>\n    <span class=\"token property\">error_caching_min_ttl</span> <span class=\"token punctuation\">=</span> <span class=\"token number\">0</span>\n    <span class=\"token property\">response_page_path</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;/404&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">default_cache_behavior</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">allowed_methods</span>  <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;GET&quot;</span>, <span class=\"token string\">&quot;HEAD&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token property\">cached_methods</span>   <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;GET&quot;</span>, <span class=\"token string\">&quot;HEAD&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token property\">target_origin_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3-cloudfront&quot;</span>\n\n    <span class=\"token comment\"># The AWS managed policy CachingOptimized is used</span>\n    <span class=\"token property\">cache_policy_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;658327ea-f89d-4fab-a63d-7e88639e58f6&quot;</span>\n\n    <span class=\"token property\">viewer_protocol_policy</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;redirect-to-https&quot;</span>\n    <span class=\"token property\">compress</span>               <span class=\"token punctuation\">=</span> <span class=\"token boolean\">true</span>\n    <span class=\"token comment\"># The AWS managed policy SecurityHeadersPolicy is used </span>\n    <span class=\"token property\">response_headers_policy_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;67f7725c-6f97-4210-82d7-5512b31e9d03&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">ordered_cache_behavior</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">path_pattern</span>     <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;*/*&quot;</span>\n    <span class=\"token property\">allowed_methods</span>  <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;GET&quot;</span>, <span class=\"token string\">&quot;HEAD&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token property\">cached_methods</span>   <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span><span class=\"token string\">&quot;GET&quot;</span>, <span class=\"token string\">&quot;HEAD&quot;</span><span class=\"token punctuation\">]</span>\n    <span class=\"token property\">target_origin_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;s3-subdirectories&quot;</span>\n\n    <span class=\"token comment\"># The AWS managed policy CachingOptimized is used</span>\n    <span class=\"token property\">cache_policy_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;658327ea-f89d-4fab-a63d-7e88639e58f6&quot;</span>\n\n    <span class=\"token property\">viewer_protocol_policy</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;redirect-to-https&quot;</span>\n    <span class=\"token property\">compress</span>               <span class=\"token punctuation\">=</span> <span class=\"token boolean\">true</span>\n    <span class=\"token comment\"># The AWS managed policy SecurityHeadersPolicy is used </span>\n    <span class=\"token property\">response_headers_policy_id</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;67f7725c-6f97-4210-82d7-5512b31e9d03&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">restrictions</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token keyword\">geo_restriction</span> <span class=\"token punctuation\">{</span>\n      <span class=\"token property\">restriction_type</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;none&quot;</span>\n    <span class=\"token punctuation\">}</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token keyword\">viewer_certificate</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">acm_certificate_arn</span>      <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;{arn of acm certificate}&quot;</span>\n    <span class=\"token property\">ssl_support_method</span>       <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;sni-only&quot;</span>\n    <span class=\"token property\">minimum_protocol_version</span> <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;TLSv1.2_2021&quot;</span>\n  <span class=\"token punctuation\">}</span>\n\n  <span class=\"token property\">tags</span> <span class=\"token punctuation\">=</span> var.common_tags\n<span class=\"token punctuation\">}</span>\n</code></pre>\n<h3>Route53 DNS routing</h3>\n<p>Routes to for both IPv4 and IPv6 for both the redirecting distribution and\nthe content distribution.</p>\n<pre class=\"language-hcl\"><code class=\"language-hcl\"><span class=\"token keyword\">data <span class=\"token type variable\">&quot;aws_route53_zone&quot;</span></span> <span class=\"token string\">&quot;domain_name&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">name</span>         <span class=\"token punctuation\">=</span> var.hosted_zone\n  <span class=\"token property\">private_zone</span> <span class=\"token punctuation\">=</span> <span class=\"token boolean\">false</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_route53_record&quot;</span></span> <span class=\"token string\">&quot;root_a&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n    aws_cloudfront_distribution.root_distribution\n  <span class=\"token punctuation\">]</span>\n\n  <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> data.aws_route53_zone.domain_name.zone_id\n  <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> var.domain_name\n  <span class=\"token property\">type</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;A&quot;</span>\n\n  <span class=\"token keyword\">alias</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.root_distribution.domain_name\n    <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.root_distribution.hosted_zone_id\n\n    <span class=\"token property\">evaluate_target_health</span> <span class=\"token punctuation\">=</span> <span class=\"token boolean\">false</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_route53_record&quot;</span></span> <span class=\"token string\">&quot;www_a&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n    aws_cloudfront_distribution.www_distribution\n  <span class=\"token punctuation\">]</span>\n\n  <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> data.aws_route53_zone.domain_name.zone_id\n  <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>&quot;</span>\n  <span class=\"token property\">type</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;A&quot;</span>\n\n  <span class=\"token keyword\">alias</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.www_distribution.domain_name\n    <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.www_distribution.hosted_zone_id\n\n    <span class=\"token property\">evaluate_target_health</span> <span class=\"token punctuation\">=</span> <span class=\"token boolean\">false</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_route53_record&quot;</span></span> <span class=\"token string\">&quot;root_aaaa&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n    aws_cloudfront_distribution.root_distribution\n  <span class=\"token punctuation\">]</span>\n\n  <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> data.aws_route53_zone.domain_name.zone_id\n  <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> var.domain_name\n  <span class=\"token property\">type</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;AAAA&quot;</span>\n\n  <span class=\"token keyword\">alias</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.root_distribution.domain_name\n    <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.root_distribution.hosted_zone_id\n\n    <span class=\"token property\">evaluate_target_health</span> <span class=\"token punctuation\">=</span> <span class=\"token boolean\">false</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n\n<span class=\"token keyword\">resource <span class=\"token type variable\">&quot;aws_route53_record&quot;</span></span> <span class=\"token string\">&quot;www_aaaa&quot;</span> <span class=\"token punctuation\">{</span>\n  <span class=\"token property\">depends_on</span> <span class=\"token punctuation\">=</span> <span class=\"token punctuation\">[</span>\n    aws_cloudfront_distribution.www_distribution\n  <span class=\"token punctuation\">]</span>\n\n  <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> data.aws_route53_zone.domain_name.zone_id\n  <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;www.<span class=\"token interpolation\"><span class=\"token punctuation\">$</span><span class=\"token punctuation\">{</span><span class=\"token keyword\">var</span><span class=\"token punctuation\">.</span><span class=\"token type variable\">domain_name</span><span class=\"token punctuation\">}</span></span>&quot;</span>\n  <span class=\"token property\">type</span>    <span class=\"token punctuation\">=</span> <span class=\"token string\">&quot;AAAA&quot;</span>\n\n  <span class=\"token keyword\">alias</span> <span class=\"token punctuation\">{</span>\n    <span class=\"token property\">name</span>    <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.www_distribution.domain_name\n    <span class=\"token property\">zone_id</span> <span class=\"token punctuation\">=</span> aws_cloudfront_distribution.www_distribution.hosted_zone_id\n\n    <span class=\"token property\">evaluate_target_health</span> <span class=\"token punctuation\">=</span> <span class=\"token boolean\">false</span>\n  <span class=\"token punctuation\">}</span>\n<span class=\"token punctuation\">}</span>\n</code></pre>",
            "url": "https://www.emmanuelallen.com/articles/nextjs-static-website-cloudfront-s3",
            "title": "How to host a Next js static website on AWS Cloudfront and S3",
            "summary": "While there are many ways to use Next.js to run a website I am most interested in it’s static site generation capability. I appreciate it’s ability to provide a modern website experience to users while also removing the need for server side code execution.",
            "date_modified": "2023-06-15T00:00:00.000Z",
            "author": {
                "name": "Emmanuel Allen"
            }
        }
    ]
}