AWS Cloud Project

Static Website
on the Cloud

A production-grade static site deployment using Amazon Web Services — S3, CloudFront, Route 53, ACM, CloudWatch & SNS. Secure, fast, and monitored.

View Architecture Explore Services
scroll
6
AWS Services
SSL
Encrypted via ACM
CDN
Global Edge Network
$0
Subdomain Cost
24/7
Monitoring Active

System Design

Architecture Overview

A fully serverless, globally distributed static site with end-to-end encryption and real-time alerting.

🌐
User
Browser / Client
🛡️
Route 53
DNS + Subdomain
🔒
ACM
SSL / TLS Cert
CloudFront
CDN + Edge Cache
🪣
S3 Bucket
Static File Storage
📊
CloudWatch
Metrics & Logs
🔔
SNS
Alerts & Notifications

Tech Stack

AWS Services Used

Every layer of the stack is handled by a purpose-built AWS service, making it reliable, scalable and cost-effective.

🪣
Amazon S3
Storage

Hosts all static files — HTML, CSS, JavaScript, and assets — in a highly durable, scalable object storage bucket with static website hosting enabled.

Static website hosting enabled
Bucket policy for CloudFront OAI
Versioning for safe rollbacks
11 nines of durability (99.999999999%)
CloudFront
CDN / Edge

Globally distributes the site through 400+ edge locations, dramatically reducing latency, offloading S3, and enforcing HTTPS via ACM certificate.

400+ global edge locations
HTTPS redirect enforced
Custom error page (404)
Origin Access Identity (OAI)
🌐
Route 53
DNS Routing

Handles DNS resolution for the subdomain. An Alias record points directly to the CloudFront distribution for latency-based, highly available routing — completely free.

Free subdomain (no domain cost)
Alias A record → CloudFront
99.99% DNS SLA
Health checks configurable
🔒
ACM
SSL / TLS

AWS Certificate Manager provisions and auto-renews a free SSL/TLS certificate, enabling HTTPS on the CloudFront distribution — no manual renewal needed.

Free public SSL certificate
Auto-renewal (zero effort)
DNS validation via Route 53
TLS 1.2 / 1.3 support
📊
CloudWatch
Monitoring

Collects CloudFront metrics — requests, error rates, cache hits, origin latency — and triggers alarms when thresholds are breached, feeding into SNS.

CloudFront distribution metrics
5xx error rate alarm
Request count monitoring
Custom dashboards
🔔
SNS
Alerting

Simple Notification Service delivers real-time email (or SMS) alerts whenever a CloudWatch alarm fires, keeping you informed of any site anomalies instantly.

Email alerts on alarm state
Topic subscribed to CloudWatch
Instant anomaly notification
Free tier covers most usage

Request Lifecycle

How a request flows

From browser to S3 — every hop is secure, cached, and monitored.

DNS Lookup
User types the subdomain. Route 53 resolves it to the nearest CloudFront edge POP via an Alias record.
TLS Handshake
CloudFront presents the ACM certificate. Browser verifies and establishes an encrypted HTTPS session.
Cache Check
CloudFront checks its edge cache. On a hit, files are returned in milliseconds — S3 is never touched.
Origin Fetch
On a cache miss, CloudFront fetches from S3 via OAI (private), caches the response at the edge, then serves it.
Alert & Monitor
CloudWatch tracks metrics 24/7. If error rates spike, an SNS alarm fires and you get an email immediately.

Technology

Full stack at a glance

Amazon S3 CloudFront Route 53 ACM (SSL) CloudWatch SNS OAI HTTPS Edge Caching Static Hosting Serverless Free Subdomain DNS Alias Record Alarm & Alert