Follow the step-by-step instructions below to create a static website and configure CloudFront. Click on each step number to expand the section. 

  • Step 1. Select an AWS Region

    The following is a prerequisite for selecting an AWS Region.


    To simplify the configuration for this tutorial, you can configure the EUC dashboard in the same AWS Region as your AppStream 2.0 fleets and Amazon WorkSpace directories and instances.

    Important: If your AppStream 2.0 fleets and WorkSpaces directories and instances are located in multiple Regions and you want to enable these Regions in the EUC dashboard, you must perform additional configuration steps. These steps are described where applicable in Modules 3 through 5.

    You can deploy the EUC dashboard and configure your AppStream 2.0 fleets and WorkSpaces directories and instances in any Region that supports all of the services used in this tutorial. These services include CloudFront, Amazon S3, Amazon Cognito, AWS SSO, API Gateway, IAM, Lambda, AppStream 2.0, Amazon WorkSpaces, and Amazon SES.

    The supported Regions that you can choose from are:

    • US East (N. Virginia)
    • US West (Oregon)
    • Asia Pacific (Seoul)*
    • Asia Pacific (Singapore)
    • Asia Pacific (Sydney)
    • Asia Pacific (Tokyo)*
    • EU (Frankfurt)
    • EU (Ireland)

    *If you use any of these Regions, you must configure AWS SSO in a different Region, or use a different SAML identity provider.

    To select an AWS Region

    1. Sign in to the AWS Management console at
    2. Enter your email address or your AWS account ID, and then choose Next.
    3. Enter your AWS account password, and then choose Sign In.
    4. In the menu in the upper-right corner of the console, select the AWS Region that you want.
  • Step 2. Create a new Amazon S3 bucket

    You can use Amazon S3 to host static websites without having to configure or manage any web servers. Complete the following steps to create a new Amazon S3 bucket to host all of the static assets for your website. These assets include .html, .css, JavaScript, and image files.

    1. Open the Amazon S3 console at
    2. Choose Create bucket.
    3. For Bucket name, type a globally unique DNS-compliant name for your new bucket. For example: examplecorp-demo-firstname-lastname.
    4. For Region, verify that the correct Region is selected.
    5. Choose Create.
  • Step 3. Create a CloudFront web distribution

    CloudFront is a web service that speeds up distribution and provides encryption of static and dynamic web content, such as .html, .css, .js, and image files, to users. You create a CloudFront distribution to specify where you want content to be delivered from, and how to track and manage content delivery. Complete the following steps to create a distribution for the S3 bucket.

    1. Open the CloudFront console at
    2. Choose Create Distribution.
    3. Under Web, choose Get Started.
    4. For Origin Domain Name, select your S3 bucket.
    5. Leave Origin Path empty and keep the default value for Origin ID.
    6. For Restrict Bucket Access, choose Yes.
    7. For Origin Access Identity, choose Create a New Identity. Keep the default comment or enter a new one.
    8. For Grant Read Permissions on Bucket, choose Yes, Update Bucket Policy.
    9. Keep the default values for Origin Connection Attempts and Origin Connection Timeout, and leave Origin Custom Headers empty.
    10. Under Default Cache Behavior Settings, for Viewer Protocol Policy, choose Redirect HTTP to HTTPS.
    11. Keep the rest of the default settings in this section.
    12. Under Distribution Settings, for Default Root Object, enter index.html.
    13. Keep the rest of the default settings in this section.
    14. Choose Create Distribution.
    15. In the navigation pane, choose Distributions. Make a note of the domain name for the distribution. You will need this URL in the following modules:
    • Module 2, Step 5. Create a SAML identity provider in your Amazon Cognito user pool, when you specify a Callback URL.
    • Module 3, Step 3. Create a Lambda function, when you specify a URL for the origin domain.
    • Module 6, Step 1. Sign in to your dashboard and view AppStream 2.0 and Amazon WorkSpaces data.