100 lines
2.7 KiB
YAML
100 lines
2.7 KiB
YAML
AWSTemplateFormatVersion: '2010-09-09'
|
|
Description: Template will deploy an s3 bucket, Route53Zone & SSL certificate to host a static website
|
|
Metadata:
|
|
License: magnet:?xt=urn:btih:1f739d935676111cfff4b4693e3816e664797050&dn=gpl-3.0.txt GPL-v3-or-Later
|
|
|
|
Parameters:
|
|
SiteName:
|
|
Type: String
|
|
Description: Name for the site
|
|
AllowedPattern: '[a-zA-Z0-9-.]{1,63}'
|
|
ConstraintDescription: must be a valid DNS name.
|
|
CertificateARN:
|
|
Type: String
|
|
|
|
Resources:
|
|
Bucket:
|
|
Type: AWS::S3::Bucket
|
|
Properties:
|
|
BucketName: !Join [-, !Split [., !Ref SiteName]]
|
|
AccessControl: PublicRead
|
|
WebsiteConfiguration:
|
|
ErrorDocument: resume.html
|
|
IndexDocument: resume.html
|
|
|
|
BucketPolicy:
|
|
Type: AWS::S3::BucketPolicy
|
|
Properties:
|
|
Bucket: !Ref Bucket
|
|
PolicyDocument:
|
|
Version: 2012-10-17
|
|
Statement:
|
|
- Sid: PublicReadGetObject
|
|
Effect: Allow
|
|
Principal: '*'
|
|
Action: s3:GetObject
|
|
Resource:
|
|
- !Sub ${Bucket.Arn}/*
|
|
|
|
Route53Zone:
|
|
Type: AWS::Route53::HostedZone
|
|
Properties:
|
|
HostedZoneConfig:
|
|
Comment: !Sub 'hosted zone for ${SiteName}'
|
|
Name: !Ref SiteName
|
|
|
|
Route53RecordIPv4:
|
|
Type: AWS::Route53::RecordSet
|
|
Properties:
|
|
AliasTarget:
|
|
DNSName: !GetAtt CloudfrontDistribution.DomainName
|
|
HostedZoneId: Z2FDTNDATAQYW2
|
|
HostedZoneId: !Ref Route53Zone
|
|
Name: !Ref SiteName
|
|
Type: A
|
|
|
|
Route53RecordIPv6:
|
|
Type: AWS::Route53::RecordSet
|
|
Properties:
|
|
AliasTarget:
|
|
DNSName: !GetAtt CloudfrontDistribution.DomainName
|
|
HostedZoneId: Z2FDTNDATAQYW2
|
|
HostedZoneId: !Ref Route53Zone
|
|
Name: !Ref SiteName
|
|
Type: AAAA
|
|
|
|
CloudfrontDistribution:
|
|
Type: AWS::CloudFront::Distribution
|
|
Properties:
|
|
DistributionConfig:
|
|
Aliases:
|
|
- !Ref SiteName
|
|
Enabled: true
|
|
HttpVersion: http2
|
|
IPV6Enabled: true
|
|
PriceClass: PriceClass_100
|
|
DefaultRootObject: resume.html
|
|
ViewerCertificate:
|
|
AcmCertificateArn: !Ref CertificateARN
|
|
SslSupportMethod: sni-only
|
|
Origins:
|
|
- Id: bucket
|
|
DomainName: !GetAtt Bucket.RegionalDomainName
|
|
S3OriginConfig:
|
|
OriginAccessIdentity: ''
|
|
DefaultCacheBehavior:
|
|
DefaultTTL: 3600
|
|
TargetOriginId: bucket
|
|
ViewerProtocolPolicy: allow-all
|
|
Compress: true
|
|
ForwardedValues:
|
|
QueryString: false
|
|
|
|
Outputs:
|
|
HostedZoneId:
|
|
Value: !Ref Route53Zone
|
|
HostedZoneRecords:
|
|
Value: !Join [",", !GetAtt Route53Zone.NameServers]
|
|
CloudfrontDistribution:
|
|
Value: !Ref CloudfrontDistribution
|