No CloudFront ao tentar incluir os CNAMES em Distribution Settings ocorre o seguinte erro:
com.amazonaws.services.cloudfront.model.InvalidViewerCertificateException: To add an alternate domain name (CNAME) to a CloudFront distribution, you must attach a trusted certificate that validates your authorization to use the domain name. For more details, see: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-requirements (Service: AmazonCloudFront; Status Code: 400; Error Code: InvalidViewerCertificate; Request ID: 0558f8b6-fe8a-4f4e-9cd0-2d37650590a6; Proxy: null)
Me parece que atualmente não é mais possível fazer sem ter um certificado digital.
