I have a project based off of one of the example repos which uses webpack to wrap up a bunch of frontend content and then ships it off to s3. This is all well and good for normal http:// custom domains, but I'm running into some issues while trying to add SSL. Afaict the only way to get SSL on an s3-hosted site with a custom domain is to create a cloudfront distribution. While the JS/CSS are all suffixed with hashes, the root index.html is just overwritten. Since it's cached by cloudfront, this is an issue when I update the code. Manually invalidating (or even automatically invalidating) on each deploy seems like a bad solution.
What is the suggested way to add SSL to this?