chrismckinnel/lambda-edge-step-full

## lambda-edge-step-full
AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: Full stack to demo Lambda@Edge for CloudFront redirects

Parameters:
  RedirectLambdaName:
    Type: String
    Default: redirect-lambda

Resources:
  RedirectLambdaFunctionRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service:
                - 'lambda.amazonaws.com'
                - 'edgelambda.amazonaws.com'
            Action:
              - 'sts:AssumeRole'
      ManagedPolicyArns:
        - 'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'

  RedirectLambdaFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: lambdas/
      FunctionName: !Ref RedirectLambdaName
      Handler: RedirectLambda.handler
      Role: !GetAtt RedirectLambdaFunctionRole.Arn
      Runtime: nodejs10.x
      AutoPublishAlias: live

  CloudFront:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        DefaultCacheBehavior:
          Compress: true
          ForwardedValues:
            QueryString: true
          TargetOriginId: google-origin
          ViewerProtocolPolicy: redirect-to-https
          DefaultTTL: 0
          MaxTTL: 0
          MinTTL: 0
          LambdaFunctionAssociations:
            - EventType: viewer-request
              LambdaFunctionARN: !Ref RedirectLambdaFunction.Version
        Enabled: true
        HttpVersion: http2
        PriceClass: PriceClass_All
        Origins:
          - DomainName: www.google.com
            Id: google-origin
            CustomOriginConfig:
              OriginProtocolPolicy: https-only
	AWSTemplateFormatVersion: '2010-09-09'
	Transform: AWS::Serverless-2016-10-31
	Description: Full stack to demo Lambda@Edge for CloudFront redirects

	Parameters:
	RedirectLambdaName:
	Type: String
	Default: redirect-lambda

	Resources:
	RedirectLambdaFunctionRole:
	Type: AWS::IAM::Role
	Properties:
	AssumeRolePolicyDocument:
	Version: '2012-10-17'
	Statement:
	- Effect: Allow
	Principal:
	Service:
	- 'lambda.amazonaws.com'
	- 'edgelambda.amazonaws.com'
	Action:
	- 'sts:AssumeRole'
	ManagedPolicyArns:
	- 'arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole'

	RedirectLambdaFunction:
	Type: AWS::Serverless::Function
	Properties:
	CodeUri: lambdas/
	FunctionName: !Ref RedirectLambdaName
	Handler: RedirectLambda.handler
	Role: !GetAtt RedirectLambdaFunctionRole.Arn
	Runtime: nodejs10.x
	AutoPublishAlias: live

	CloudFront:
	Type: AWS::CloudFront::Distribution
	Properties:
	DistributionConfig:
	DefaultCacheBehavior:
	Compress: true
	ForwardedValues:
	QueryString: true
	TargetOriginId: google-origin
	ViewerProtocolPolicy: redirect-to-https
	DefaultTTL: 0
	MaxTTL: 0
	MinTTL: 0
	LambdaFunctionAssociations:
	- EventType: viewer-request
	LambdaFunctionARN: !Ref RedirectLambdaFunction.Version
	Enabled: true
	HttpVersion: http2
	PriceClass: PriceClass_All
	Origins:
	- DomainName: www.google.com
	Id: google-origin
	CustomOriginConfig:
	OriginProtocolPolicy: https-only