Created
March 4, 2020 14:25
-
-
Save sato11/17a6e26bd7ed8d8052e34640f2bb3f88 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Description: | | |
| A stack to manage an S3 bucket for redirecting to the apex domain, | |
| a Route 53 DNS record for using a custom domain, | |
| and a CloudFront Distribution for high availability. | |
| Parameters: | |
| AcmCertificateArn: | |
| Type: String | |
| Description: The ARN of ACM certificate. | |
| AllowedPattern: arn:aws:acm:.* | |
| DomainName: | |
| Type: String | |
| Description: The domain on which you want your website to be hosted. | |
| AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-) | |
| ConstraintDescription: must be a valid DNS zone name. | |
| HostedZone: | |
| Type: String | |
| Description: The name of an existing Amazon Route 53 hosted zone. | |
| AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-) | |
| ConstraintDescription: must be a valid DNS zone name. | |
| WebsiteBucket: | |
| Type: String | |
| Description: The name of the target bucket. | |
| Resources: | |
| RedirectBucket: | |
| Type: AWS::S3::Bucket | |
| DeletionPolicy: Retain | |
| Properties: | |
| BucketName: !Ref DomainName | |
| WebsiteConfiguration: | |
| RedirectAllRequestsTo: | |
| HostName: !Ref WebsiteBucket | |
| Protocol: https | |
| RedirectCloudFront: | |
| Type: AWS::CloudFront::Distribution | |
| DependsOn: | |
| - RedirectBucket | |
| Properties: | |
| DistributionConfig: | |
| Aliases: | |
| - !Ref DomainName | |
| Comment: !Sub ${DomainName} redirect bucket | |
| DefaultCacheBehavior: | |
| AllowedMethods: | |
| - GET | |
| - HEAD | |
| Compress: true | |
| ForwardedValues: | |
| Cookies: | |
| Forward: none | |
| QueryString: true | |
| TargetOriginId: S3Origin | |
| ViewerProtocolPolicy: redirect-to-https | |
| Enabled: true | |
| HttpVersion: 'http2' | |
| Origins: | |
| - DomainName: !Select [2, !Split ['/', !GetAtt RedirectBucket.WebsiteURL]] | |
| Id: S3Origin | |
| CustomOriginConfig: | |
| HTTPPort: '80' | |
| HTTPSPort: '443' | |
| OriginProtocolPolicy: http-only | |
| PriceClass: PriceClass_All | |
| ViewerCertificate: | |
| AcmCertificateArn: !Ref AcmCertificateArn | |
| SslSupportMethod: sni-only | |
| RedirectDNSName: | |
| Type: AWS::Route53::RecordSetGroup | |
| Properties: | |
| HostedZoneName: !Sub '${HostedZone}.' | |
| RecordSets: | |
| - Name: !Ref DomainName | |
| Type: A | |
| AliasTarget: | |
| HostedZoneId: Z2FDTNDATAQYW2 | |
| DNSName: !GetAtt [RedirectCloudFront, DomainName] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment