Skip to content

Instantly share code, notes, and snippets.

Created June 22, 2020 15:06
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
What would you like to do?
import * as aws from '@pulumi/aws';
import { dev } from './route53';
import { baseDomain } from './helpers';
const targetDomain = `docs.${baseDomain}`;
export const docsUrl = `http://${targetDomain}`;
const tenMinutes = 600;
const contentBucket = new aws.s3.Bucket('contentBucket', {});
const distributionArgs: aws.cloudfront.DistributionArgs = {
enabled: true,
// Alternate aliases the CloudFront distribution can be reached at, in addition to
// Required if you want to access the distribution via targetDomain as well.
aliases: [targetDomain],
// We only specify one origin for this distribution, the S3 content bucket.
origins: [
originId: contentBucket.arn,
domainName: contentBucket.websiteEndpoint,
customOriginConfig: {
// Amazon S3 doesn't support HTTPS connections when using an S3 bucket configured as a website endpoint.
originProtocolPolicy: 'http-only',
httpPort: 80,
httpsPort: 443,
originSslProtocols: ['TLSv1.2'],
defaultRootObject: 'index.html',
// A CloudFront distribution can configure different cache behaviors based on the request path.
// Here we just specify a single, default cache behavior which is just read-only requests to S3.
defaultCacheBehavior: {
targetOriginId: contentBucket.arn,
viewerProtocolPolicy: 'redirect-to-https',
allowedMethods: ['GET', 'HEAD', 'OPTIONS'],
cachedMethods: ['GET', 'HEAD', 'OPTIONS'],
forwardedValues: {
cookies: { forward: 'none' },
queryString: false,
minTtl: 0,
defaultTtl: tenMinutes,
maxTtl: tenMinutes,
// "All" is the most broad distribution, and also the most expensive.
// "100" is the least broad, and also the least expensive.
priceClass: 'PriceClass_100',
// You can customize error responses. When CloudFront receives an error from the origin (e.g. S3 or some other
// web service) it can return a different error code, and return the response for a different resource.
customErrorResponses: [
{ errorCode: 404, responseCode: 404, responsePagePath: '/404.html' },
restrictions: {
geoRestriction: {
restrictionType: 'none',
viewerCertificate: {
sslSupportMethod: 'sni-only',
const cdn = new aws.cloudfront.Distribution('cdn', distributionArgs);
const docsRecord = new aws.route53.Record('docs-a-record', {
name: 'docs',
type: 'A',
aliases: [
name: cdn.domainName,
zoneId: cdn.hostedZoneId,
evaluateTargetHealth: true,
zoneId: dev.zoneId,
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment