Today, I hardened the communications for my financial agent, DuroMoney. Moving from a local environment to a custom domain requires surgical coordination of three AWS services.
- SSL at the Edge (ACM + CloudFront) To enable HTTPS on my React frontend, I issued a certificate in us-east-1 (a CloudFront requirement).
Algorithm: RSA 2048 for maximum compatibility.
Validation: Injected CNAME records into my IONOS DNS panel.
- Email Identity (SES + Lambda) I updated my lambda_function.py to stop using generic Gmail environment variables.
New official sender configuration
ses.send_email(
Source="ai@duromoney.com", # Identity verified in eu-north-1
Destination={'ToAddresses': [USER_EMAIL]},
# ...
)
- Native Redirection I configured a 301 HTTP redirection on the domain root to force all traffic to the www subdomain, which resolves to the AWS CDN.
The Result: An architecture with Zero Certificate Errors, ready to scale to thousands of users once production access is approved.
Top comments (0)