If you want cheap durable hosting that does not meltdown under traffic spikes and mostly just serves files, welcome to S3 static website hosting. This guide walks through bucket creation, public access tuning, index and error document setup, MIME types and Cache Control, and the optional CloudFront layer for HTTPS and global speed. Read it like a recipe for a reliable site and not like a legal contract.
Short version: it is inexpensive, reliable, and scales without begging developers to babysit servers. It is perfect for single page apps, docs, marketing sites, and tiny front ends that deserve to be fast.
Create an S3 bucket with a globally unique name that either matches your domain or a friendly project name. Pick a region close to your audience to shave off latency. Yes it matters, and yes it is worth a thought.
Static assets need to be public if you are serving them directly from the S3 website endpoint. If you use CloudFront you can and should restrict direct public access and let CloudFront fetch objects securely. Adjust block public access settings intentionally. Public access is fine for assets but do not leave other bucket settings wild.
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "PublicReadGetObject",
"Effect": "Allow",
"Principal": "*",
"Action": "s3:GetObject",
"Resource": "arn:aws:s3:::your-bucket-name/*"
}
]
}
Replace your-bucket-name. This policy grants public read only to objects, not to bucket configuration or lists. Keep it narrow and intentional.
In the S3 console enable static website hosting and set an index document such as index.html and an optional error document. S3 will give you a website endpoint that serves pages over HTTP. If you want HTTPS for a custom domain, add CloudFront below.
Upload your HTML CSS JS and images. Make sure each object has a Content-Type metadata set so browsers render things correctly. If you upload from a build pipeline most tools set MIME types automatically, but double check for odd file extensions.
Use Cache-Control headers to control browser and CDN caching. Typical patterns work well and keep users happy.
CloudFront gives you HTTPS, edge caching, and global reach. Request an ACM certificate in us-east-1 if you are using a custom domain with CloudFront. For origins you can either point CloudFront at the S3 website endpoint or use the S3 REST endpoint with origin access control. If you want to lock the bucket down do not keep it public. Use an Origin Access Identity or the newer Origin Access Control to restrict direct access and have CloudFront fetch objects securely.
In DNS point your domain to the CloudFront distribution. Route 53 users can create an alias record. Other DNS providers will use an A or CNAME depending on the provider rules. Remember that the S3 website endpoint will not serve HTTPS for your custom domain so CloudFront is the path if you need SSL.
Test the S3 website URL and the CloudFront domain. Look in the browser console for 404s wrong MIME types or missing assets. Use curl -I to inspect headers and Cache-Control values. If assets are served but not updated check caching and invalidation. Invalidating CloudFront caches or bumping versioned file names fixes most grief.
There you go. Cheap durable hosting that scales, with a few knobs to tweak. Use long cache times for hashed files, keep HTML fresher, and put CloudFront in front if you need HTTPS and speed around the globe. Now go deploy and enjoy the satisfying feeling of a site that actually loads fast.
I know how you can get Azure Certified, Google Cloud Certified and AWS Certified. It's a cool certification exam simulator site called certificationexams.pro. Check it out, and tell them Cameron sent ya!
This is a dedicated watch page for a single video.