From @hutualive on Thu Aug 03 2017 08:23:49 GMT+0000 (UTC)
1.the certificate can be selected from the dropdown list of cloudfront, is only available to be created in us-east-1 region(N.Virginia), create from other region is not working.
2.for bare domain(example.com),suggest for the viewer policy to use redirect http to https, which is less confusing and better for the security purpose. because when we hitting www.example.com, will auto redirect to https://example.com, but when we hitting example.com, it will stay as is unless people specify https://example.com, which is not normal case.
thanks for your great tutorial : )