import * as aws from '@pulumi/aws'; | |
import { dev } from './route53'; | |
import { baseDomain } from './helpers'; | |
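// Host name the docs site is served from; also used as the CloudFront alias.
const targetDomain = `docs.${baseDomain}`;

// Public URL of the docs site. The scheme is https because the distribution's default cache behavior
// uses viewerProtocolPolicy 'redirect-to-https': an http:// link would only add a cleartext first
// request that is then redirected, and consumers comparing origins would see the wrong scheme.
export const docsUrl = `https://${targetDomain}`;

// Cache lifetime in seconds, used for both defaultTtl and maxTtl of the default cache behavior.
const tenMinutes = 600;

// Bucket holding the site content; it is the distribution's only origin.
// NOTE(review): the distribution reads contentBucket.websiteEndpoint, but no website configuration is
// set on the bucket here — confirm static website hosting (index/error document) is configured, since
// the endpoint is presumably empty otherwise.
const contentBucket = new aws.s3.Bucket('contentBucket', {});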
// Shared identifier tying the default cache behavior to the single S3 origin.
const s3OriginId = contentBucket.arn;

// The site is static, so only read-only methods are accepted and cached.
const readOnlyMethods = ['GET', 'HEAD', 'OPTIONS'];

// Settings for the CloudFront distribution that fronts the content bucket.
const distributionArgs: aws.cloudfront.DistributionArgs = {
  enabled: true,

  // Extra host names for the distribution besides its own *.cloudfront.net name.
  // Needed so the site can be reached at targetDomain.
  aliases: [targetDomain],

  // Single origin: the S3 content bucket, addressed through its website endpoint.
  origins: [
    {
      originId: s3OriginId,
      domainName: contentBucket.websiteEndpoint,
      customOriginConfig: {
        // S3 website endpoints do not accept HTTPS, so the CloudFront-to-origin hop is plain HTTP.
        // https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginProtocolPolicy
        // NOTE(review): a website-endpoint origin also means the bucket content has to be readable
        // without CloudFront credentials; if the bucket should stay private, an S3 REST origin with
        // origin access control is the usual alternative — confirm which is intended.
        originProtocolPolicy: 'http-only',
        httpPort: 80,
        // Not exercised while the policy is 'http-only'.
        httpsPort: 443,
        originSslProtocols: ['TLSv1.2'],
      },
    },
  ],

  defaultRootObject: 'index.html',

  // Only one cache behavior is defined (the default): read-only requests served from S3.
  defaultCacheBehavior: {
    targetOriginId: s3OriginId,
    // Viewers arriving over HTTP are redirected to HTTPS.
    viewerProtocolPolicy: 'redirect-to-https',
    allowedMethods: readOnlyMethods,
    cachedMethods: readOnlyMethods,
    // Neither cookies nor query strings are passed to the origin.
    forwardedValues: {
      cookies: { forward: 'none' },
      queryString: false,
    },
    minTtl: 0,
    defaultTtl: tenMinutes,
    maxTtl: tenMinutes,
  },

  // "All" covers the most edge locations and costs the most; "100" covers the fewest and costs the least.
  priceClass: 'PriceClass_100',

  // Origin 404s keep their status code but are answered with the site's own 404 page.
  customErrorResponses: [
    { errorCode: 404, responseCode: 404, responsePagePath: '/404.html' },
  ],

  // No geographic restrictions.
  restrictions: {
    geoRestriction: {
      restrictionType: 'none',
    },
  },

  // NOTE(review): only sslSupportMethod is set; no certificate (e.g. acmCertificateArn) is referenced.
  // Serving targetDomain over HTTPS needs a certificate that covers every entry in `aliases` — confirm
  // where it is supplied. Once one is attached, pinning minimumProtocolVersion is worth considering.
  viewerCertificate: {
    sslSupportMethod: 'sni-only',
  },
};
// The CloudFront distribution serving the docs site.
const cdn = new aws.cloudfront.Distribution('cdn', distributionArgs);

// Alias target that points the DNS record at the distribution.
const cdnAliasTarget = {
  name: cdn.domainName,
  zoneId: cdn.hostedZoneId,
  evaluateTargetHealth: true,
};

// A-record alias named "docs" in the dev hosted zone, resolving to the distribution.
// NOTE(review): presumably the dev zone is the zone for baseDomain, so this record matches
// targetDomain — confirm against ./route53.
const docsRecord = new aws.route53.Record('docs-a-record', {
  zoneId: dev.zoneId,
  name: 'docs',
  type: 'A',
  aliases: [cdnAliasTarget],
});