-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwebsite.template.yaml
114 lines (105 loc) · 4.24 KB
/
website.template.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
Description: Infrastructure for wedding website
Parameters:
WebsiteDomain:
Type: String
Description: The root domain (e.g. cnn.com) of the website
WebsiteHost:
Type: String
Description: The website host (e.g. www.cnn.com) for the website
CertificateArn:
Type: String
Description: The ARN of the TLS certificate used to protect the distribution
CloudfrontHostedZoneId:
Type: String
Description: The hosted zone ID to use for Cloudfront distributions
Default: Z2FDTNDATAQYW2
Resources:
# Route53 Hosted Zone to manage DNS records for our website
# We assume this domain is used ONLY for website hosting.
# Otherwise, you may already have DNS configured separately.
HostedZone:
Type: "AWS::Route53::HostedZone"
Properties:
Name: !Ref WebsiteDomain
# We're hosting our website in an S3 bucket corresponding to our root domain
WebsiteRootDomainBucket:
Type: "AWS::S3::Bucket"
Properties:
AccessControl: "PublicRead"
BucketName: !Ref WebsiteDomain
WebsiteConfiguration:
IndexDocument: index.html
WebsiteCloudfrontLoggingBucket:
Type: "AWS::S3::Bucket"
Properties:
BucketName: !Join ['-', [ !Ref WebsiteDomain, 'logs' ] ]
WebsiteCloudfrontDistribution:
Type: "AWS::CloudFront::Distribution"
Properties:
DistributionConfig:
Aliases:
- !Ref WebsiteDomain
- !Ref WebsiteHost
Comment: "Distribution for wedding website"
DefaultCacheBehavior:
Compress: true
ForwardedValues:
QueryString: false
Cookies:
Forward: "none"
TargetOriginId: "website"
ViewerProtocolPolicy: "redirect-to-https"
DefaultRootObject: "index.html"
Enabled: true
HttpVersion: "http2"
IPV6Enabled: true
Logging:
Bucket: !Join ['.', [!Ref WebsiteCloudfrontLoggingBucket, 's3.amazonaws.com' ] ]
Origins:
-
# We use the website URL as the origin in order to serve "clean" URLs with Gatsby.
# See https://www.gatsbyjs.org/docs/deploy-gatsby/ for more info.
DomainName: !Join ['.', [!Ref WebsiteRootDomainBucket, 's3-website-us-east-1.amazonaws.com' ] ]
Id: "website"
CustomOriginConfig:
HTTPPort: 80
OriginProtocolPolicy: http-only
ViewerCertificate:
AcmCertificateArn: !Ref CertificateArn
SslSupportMethod: "sni-only"
WebsiteAliasRecord:
Type: "AWS::Route53::RecordSet"
Properties:
HostedZoneId: !Ref HostedZone
Name: !Ref WebsiteHost
Type: A
AliasTarget:
DNSName: !GetAtt WebsiteCloudfrontDistribution.DomainName
HostedZoneId: !Ref CloudfrontHostedZoneId
WebsiteAliasAAAARecord:
Type: "AWS::Route53::RecordSet"
Properties:
HostedZoneId: !Ref HostedZone
Name: !Ref WebsiteHost
Type: AAAA
AliasTarget:
DNSName: !GetAtt WebsiteCloudfrontDistribution.DomainName
HostedZoneId: !Ref CloudfrontHostedZoneId
WebsiteAliasRootRecord:
Type: "AWS::Route53::RecordSet"
Properties:
HostedZoneId: !Ref HostedZone
Name: !Ref WebsiteDomain
Type: A
AliasTarget:
DNSName: !GetAtt WebsiteCloudfrontDistribution.DomainName
HostedZoneId: !Ref CloudfrontHostedZoneId
WebsiteAliasRootAAAARecord:
Type: "AWS::Route53::RecordSet"
Properties:
HostedZoneId: !Ref HostedZone
Name: !Ref WebsiteDomain
Type: AAAA
AliasTarget:
DNSName: !GetAtt WebsiteCloudfrontDistribution.DomainName
HostedZoneId: !Ref CloudfrontHostedZoneId