---
title: AWS Route 53 & CloudFront
description: "Proxy /docs traffic through AWS CloudFront and Route 53 to your Jamdesk site. Includes distribution setup, origin configuration, and cache behavior rules."
---

> **For AI agents:** the complete documentation index is at [llms.txt](/docs/llms.txt). Append `.md` to any page URL for its markdown version.

Set up a CloudFront distribution to forward `/docs/*` to your Jamdesk site, with Route 53 for DNS. Takes about 15 minutes.

## Prerequisites

- An AWS account with CloudFront and Route 53 access
- Your domain managed in Route 53 (or ability to update DNS elsewhere)
- Your Jamdesk subdomain (found in dashboard settings)

## Step 1: Create a CloudFront Distribution

1. Open the [CloudFront console](https://console.aws.amazon.com/cloudfront/)
2. Click **Create Distribution**
3. Configure the origin:

| Setting | Value |
|---------|-------|
| Origin domain | `YOUR_SLUG.jamdesk.app` |
| Protocol | HTTPS only |
| Name | `jamdesk-docs-origin` |

<Note>
Replace `YOUR_SLUG` with your actual Jamdesk subdomain.
</Note>

## Step 2: Configure Origin Settings

In the origin settings, add custom headers to identify your domain:

| Header name | Value |
|-------------|-------|
| `X-Forwarded-Host` | `yoursite.com` |
| `X-Jamdesk-Forwarded-Host` | `yoursite.com` |

These headers tell Jamdesk which domain is making the request. The `X-Jamdesk-Forwarded-Host` header is required for domain verification.

<Warning>
Your domain must be verified in the Jamdesk dashboard before CloudFront will serve content. Complete the DNS verification process after adding your domain.
</Warning>

## Step 3: Create Cache Behaviors

Add behaviors to route `/docs/*` and asset requests to your Jamdesk origin:

1. Go to the **Behaviors** tab
2. Click **Create Behavior**
3. Create three behaviors with these settings:

| Path pattern | Origin | Cache policy | Origin request policy |
|-------------|--------|-------------|----------------------|
| `/docs/*` | `jamdesk-docs-origin` | CachingOptimized | AllViewerExceptHostHeader |
| `/_next/*` | `jamdesk-docs-origin` | CachingOptimized | AllViewerExceptHostHeader |
| `/_jd/*` | `jamdesk-docs-origin` | CachingOptimized | AllViewerExceptHostHeader |

Set **Viewer protocol policy** to **Redirect HTTP to HTTPS** for all three.

<Note>
The `/_next/*` and `/_jd/*` behaviors are required for Next.js static assets (JS, CSS) and Jamdesk resources (fonts, images, branding) to load correctly.
</Note>

<Warning>
The `AllViewerExceptHostHeader` policy is required. It forwards all headers except `Host`, allowing Jamdesk to receive the necessary request information.
</Warning>

## Step 4: Add Alternate Domain Name

1. In the **General** tab, click **Edit**
2. Under **Alternate domain name (CNAME)**, add `yoursite.com`
3. Select or request an SSL certificate for your domain

## Step 5: Configure Route 53

Create an alias record pointing to your CloudFront distribution:

1. Open the [Route 53 console](https://console.aws.amazon.com/route53/)
2. Select your hosted zone
3. Click **Create Record**
4. Configure:

| Setting | Value |
|---------|-------|
| Record name | `yoursite.com` (or leave blank for apex) |
| Record type | A |
| Alias | Yes |
| Route traffic to | CloudFront distribution |
| Distribution | Select your distribution |

## Step 6: Verify

After DNS propagation (usually 5-15 minutes), visit `https://yoursite.com/docs` to confirm your documentation loads correctly.

## Complete CloudFront Configuration Summary

```bash
Distribution Settings:
├── Origin: YOUR_SLUG.jamdesk.app
│   ├── Custom Header: X-Forwarded-Host = yoursite.com
│   └── Custom Header: X-Jamdesk-Forwarded-Host = yoursite.com
├── Behavior: /docs/*
│   ├── Cache Policy: CachingOptimized
│   └── Origin Request Policy: AllViewerExceptHostHeader
├── Behavior: /_next/*
│   ├── Cache Policy: CachingOptimized
│   └── Origin Request Policy: AllViewerExceptHostHeader
├── Behavior: /_jd/*
│   ├── Cache Policy: CachingOptimized
│   └── Origin Request Policy: AllViewerExceptHostHeader
└── Alternate Domain: yoursite.com (with SSL certificate)
```

## Troubleshooting

<Accordion title="403 Forbidden errors">
Ensure the origin domain is exactly `YOUR_SLUG.jamdesk.app` without `https://` prefix.
</Accordion>

<Accordion title="Mixed content warnings">
Verify the Viewer protocol policy is set to "Redirect HTTP to HTTPS" and your SSL certificate is valid.
</Accordion>

<Accordion title="Stale content after updates">
Create a CloudFront invalidation for `/docs/*` to clear cached content after publishing changes.
</Accordion>

<Accordion title="403 Domain not authorized error">
If you see "Domain is not authorized to serve this content":

1. Verify your domain is registered in the Jamdesk dashboard
2. Complete DNS verification (TXT record) for your domain
3. Ensure both `X-Forwarded-Host` and `X-Jamdesk-Forwarded-Host` custom headers are set in your origin configuration
4. Check that your domain maps to the correct project

The domain must be verified before CloudFront can serve documentation.
</Accordion>

## What's Next?

<Columns cols={3}>
  <Card title="Deployment Overview" icon="cloud-arrow-up" href="/deploy/overview">
    Compare hosting options
  </Card>
  <Card title="Subpath Hosting" icon="folder-tree" href="/deploy/subpath-hosting">
    Serve docs at /docs
  </Card>
  <Card title="Custom Domains" icon="globe" href="/deploy/custom-domains">
    Verify DNS and troubleshoot
  </Card>
</Columns>