Frontend, Proxy & Route 53

This section covers Steps 16–18: configuring CloudFront as an HTTPS proxy for the Backend API, deploying the React frontend on AWS Amplify, and mapping a custom domain with Route 53.

Step 16: Configure HTTPS with CloudFront (Backend Proxy)

CloudFront acts as the public HTTPS gateway for the Backend API.

16.1 Get Started

Console: CloudFront → Create distribution

16.2 Specify Origin

16.3 Default Cache Behavior

16.4 Security & Review

• Rate limiting: ✅ Enable (Recommended — protects against API spam)

→ Click Create distribution and wait ~5 minutes for deployment.

→ Note down the CloudFront domain (e.g. https://d3xxxx.cloudfront.net) — you will use this as the API URL for the frontend.

Step 17: Deploy Frontend on Amplify

17.1 Connect Branch

1. Console: AWS Amplify → All apps → New app → Host web app.
2. Connect GitHub Repository tuankiet18-dev/SMARTINVOICE-SHIELD, select branch main.

17.2 Build Settings (amplify.yml)

Amplify auto-detects Vite. Verify under App settings → Build settings:

17.3 Environment Variables

Console: App settings → Environment variables → Add:

→ After deployment, copy the Amplify URL and update SSM parameter ALLOWED_ORIGINS.

Step 18: Configure Custom Domain (Route 53)

After deploying the frontend on Amplify, you can optionally map a custom domain.

1. Console: Route 53 → Hosted zones
2. Ensure you have a registered domain or create a new Hosted Zone.
3. Console: AWS Amplify → App settings → Domain management → Add domain
4. Enter your custom domain and click Configure domain.
5. Amplify will automatically generate SSL certificates and propose CNAME validation records.
6. Copy these CNAME records to your Route 53 Hosted Zone.
7. Wait for DNS propagation and SSL verification (can take up to a few hours, usually ~15 mins).
8. Once verified, your web interface will be accessible securely at your custom domain.