AWS Now Supports SSL and Wildcard CNAMEs

Back in June Amazon announced support for custom SSL certificates with CloudFront, meaning you can now use your own domain name to serve content via https rather than their pesky CloudFront URLs (i.e.

The only downside was the price… $600 per month per certificate. If you needed a couple of different domains (i.e.,,, this could get expensive quickly.

Well now you can simply purchase a wildcard certificate and secure all of those domains with a single certificate.

More info can be found here and here.

Hosting Web Fonts on Amazon S3 (IE CSS3117 and Firefox bad URI or cross-site access not allowed errors)

If you’ve ever tried to host web fonts on a different domain you’ve probably run into the following errors in IE and Firefox:

Internet Explorer


Usually this is a simple matter of updating your server with the Access-Control-Allow-Origin header. Unfortunately if you’re hosting your assets on Amazon S3 or CloudFront, editing the server config to add this isn’t possible.

This problem was originally posted to the AWS forums back in 2009… and a mere 3+ years later they finally released a fix.

Simply go to the Properties pane in the S3 Management Console and edit the CORS configuration. Here’s an example configuration:

You can find more information about configuring CORS here:

Amazon Route 53 – Creating a Static Failover

Not Django but this is something quite useful…

Amazon’s Route 53 DNS service now allows you to define a static failover site hosted on S3 in case your primary site goes down.

Read more here…

Deploy to EC2 Via RightScale Using GIT_SSH

While RightScale’s built-in scripts make it simple to deploy code to an EC2 instance, they often need some tweaking to work correctly (i.e. the current version of app::do_update_code simply pulls down code, it doesn’t restart Apache or recompress assets).

The following is an example RightScript that utilizes a temporary SSH key, GIT_SSH and a sync script to automate the deployment process. (attached to above RightScript)

Creating a Custom Django Server on RightScale

UPDATE: RightScale has released version 13.2 of their server templates. I have updated the scripts to reflect the various changes and bug fixes in the new templates.

RightScale has released a beta server template for Django which makes it incredibly easy to get a server up and running on EC2. One drawback with this server template is that it is configured to work with a load balancer which isn’t always necessary.

To create a custom server template that doesn’t require a load balancer, start with the Base ServerTemplate for Linux (current version is 13.2) (be sure to use the Chef-based template rather the RightScript-based version). Then add the necessary scripts so that your boot and operational configs look like the following:

Now you’ve got a server that runs Apache, mod_wsgi and Django 1.4. It will also pull your code down from GIT or SVN and will install any PIP packages from your requirements.txt file (I prefer to install this stuff as part of the initial server config as shown below, or via a controlled server upgrade rather than automatically via requirements.txt).

But what about missing or outdated software? The following is a sample script that installs and upgrades a whole bunch of stuff. It also reconfigs Apache and runs compress. This was added as the last script in the template’s boot scripts. (Note – this script assumes you’re using the Ubuntu RightImage)

Sending Django Emails via AWS SES

Boto is the de facto standard for working with the AWS API from Python. Unfortunately their SES implementation only sends text or html emails, not both. You need to drop down to their send_raw_email method to send a multi-part email.

Using this Gist as a guideline, here’s an implementation of sending a multi-part email via a library class:

You’ll also need to add your AWS access key and secret to your settings file:

You can then use the class like this: