Use Amazon Cloudfront to setup a reverse proxy#

You can use Amazon CloudFront to set up a reverse proxy so that requests to a custom domain like telemetry.yourdomain.com are forwarded to Accoil’s ingestion endpoint (in.accoil.com).

This keeps your analytics traffic under your own domain, avoids ad/tracking blockers, and simplifies compliance reviews.

Prerequisites

• Access to your AWS account with permission to create CloudFront distributions
• Access to your DNS settings (AWS Route 53 or another provider)
• A valid TLS/SSL certificate for your chosen domain (AWS Certificate Manager can create this for you automatically)

Step-by-Step Setup

1. Create a New Distribution

1. In the AWS Console, go to CloudFront → Distributions.

2. Click Create distribution.

3. In Distribution options:

   • Distribution name: give it a name (e.g. Telemetry).
   • Description: optional, e.g. “Example of setting up a reverse proxy.”
   • Distribution type: select Single website or app.

4. Under Custom domain, enter your domain (e.g. telemetry.yourdomain.com).

5. Click Check domain to confirm Route 53 can manage DNS for you.

6. Click Next.

2. Specify Origin

1. Origin type → Select Other.

2. Custom origin domain → Enter:

   in.accoil.com

3. Leave Origin path empty.

4. Under Origin settings:

   • Select Use recommended origin settings.

5. Under Cache settings:

   • Select Use recommended cache settings tailored to serving Custom origin content.

6. Click Next.

3. Security

• When prompted about Web Application Firewall (WAF), select: Do not enable security protections.
• Click Next.

4. TLS Certificate

1. If AWS manages your DNS with Route 53, CloudFront can automatically issue a certificate.

2. Select Create certificate and wait for validation.

   • You’ll see it roll through the states: Provisioned certificate → Updating zone file → Deploy records → Validate certificate.

3. Once green, click Next.

5. Review and Create

1. On the Review and create page, confirm your configuration:

   • Origin domain: in.accoil.com
   • Viewer protocol policy: Redirect HTTP to HTTPS
   • Allowed HTTP methods: GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE
   • TLS certificate: Your issued certificate for telemetry.yourdomain.com

2. Click Create distribution.

6. Route Domain to CloudFront

Once your distribution is deployed:

1. In the General tab, under Alternate domain names, click Route domains to CloudFront.
2. This creates the required DNS records (A/AAAA) pointing telemetry.yourdomain.com to your CloudFront distribution.
3. Wait for propagation (usually a few minutes).

Done

At this point, any requests sent to https://telemetry.yourdomain.com will automatically be proxied to Accoil’s ingestion service at https://in.accoil.com.

You can now use telemetry.yourdomain.com wherever you would otherwise call in.accoil.com.