This lab is currently in Beta, content may be updated as we refine the material
LABINTERMEDIATE

CloudFront Static Site with Origin Access Control

Deploy an S3 static website behind CloudFront with Origin Access Control (OAC) and learn cache invalidation -- key SAA-C03 exam topics.

45 minutes
cloud/aws
CloudFront Static Site with Origin Access Control - Platform Engineering Hands-On Lab Icon

Lab Overview

Build a secure static website architecture using S3 and CloudFront. You will create an S3-hosted static site, front it with a CloudFront distribution using Origin Access Control (OAC) so that only CloudFront can read from the bucket, then lock down direct S3 access and practice cache invalidation.

You'll learn to:

  • Host a static website on S3 with index and error documents
  • Create a CloudFront Origin Access Control and distribution
  • Write an S3 bucket policy that grants access only to CloudFront via OAC
  • Block all public access to S3 while keeping the site available through CloudFront
  • Invalidate cached content and understand CloudFront TTL behavior

What You'll Learn

Create an S3 static website with index and error pages

Configure a CloudFront distribution with Origin Access Control

Write a bucket policy that restricts access to CloudFront only

Block direct public S3 access while preserving CloudFront delivery

Invalidate CloudFront cache and observe TTL behavior

Prerequisites

AWS CLI basics

S3 bucket fundamentals

Technologies Covered

awscloudfronts3oacstatic-websitecdncachinginvalidationsecurity

Choose your plan

Simple, Transparent Pricing

Unlock full access to TeKanAid courses, labs, and bootcamps

Buying for a team? Private corporate training is available for up to 15 learners.View team training
MonthlyQuarterly

Pro

Course content without labs

$59/month

Renews automatically. Cancel anytime.

Final price verified at checkout.

  • Full access to all courses
  • Progress tracking
  • Certificate of completion
  • Community access
  • Bootcamp participation
  • New content access
Recommended

Premium

Full access with hands-on labs

$99/month

Renews automatically. Cancel anytime.

Final price verified at checkout.

  • Everything in Pro
  • Unlimited hands-on labs
  • Lab AI Assistant
  • Accelerator bootcamps with live office hours
  • Priority support
Get Access Now

Prefer a single course?

Purchase individual courses for a one-time fee of $79. Full access to course content, quizzes, certificates, and community features, lab access is not included.

Browse Courses

Try it free, no credit card

Three free ways to start. All bridge into the paid Premium catalog when you're ready.

▶ Start with free courses and labs🧩 Solve your first free puzzle📧 Get the free 7-day crash course

Not ready to commit? The crash course is email-only. No academy account required.

Ready to Get Started?

Start this hands-on lab and build real-world Platform Engineering skills

Get Access Now