Skip to content

Instantly share code, notes, and snippets.

@sato11
Created March 4, 2020 14:25
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save sato11/17a6e26bd7ed8d8052e34640f2bb3f88 to your computer and use it in GitHub Desktop.
AWSTemplateFormatVersion: 2010-09-09
Description: |
A stack to manage an S3 bucket for redirecting to the apex domain,
a Route 53 DNS record for using a custom domain,
and a CloudFront Distribution for high availability.
Parameters:
AcmCertificateArn:
Type: String
Description: The ARN of ACM certificate.
AllowedPattern: arn:aws:acm:.*
DomainName:
Type: String
Description: The domain on which you want your website to be hosted.
AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
ConstraintDescription: must be a valid DNS zone name.
HostedZone:
Type: String
Description: The name of an existing Amazon Route 53 hosted zone.
AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
ConstraintDescription: must be a valid DNS zone name.
WebsiteBucket:
Type: String
Description: The name of the target bucket.
Resources:
RedirectBucket:
Type: AWS::S3::Bucket
DeletionPolicy: Retain
Properties:
BucketName: !Ref DomainName
WebsiteConfiguration:
RedirectAllRequestsTo:
HostName: !Ref WebsiteBucket
Protocol: https
RedirectCloudFront:
Type: AWS::CloudFront::Distribution
DependsOn:
- RedirectBucket
Properties:
DistributionConfig:
Aliases:
- !Ref DomainName
Comment: !Sub ${DomainName} redirect bucket
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
Compress: true
ForwardedValues:
Cookies:
Forward: none
QueryString: true
TargetOriginId: S3Origin
ViewerProtocolPolicy: redirect-to-https
Enabled: true
HttpVersion: 'http2'
Origins:
- DomainName: !Select [2, !Split ['/', !GetAtt RedirectBucket.WebsiteURL]]
Id: S3Origin
CustomOriginConfig:
HTTPPort: '80'
HTTPSPort: '443'
OriginProtocolPolicy: http-only
PriceClass: PriceClass_All
ViewerCertificate:
AcmCertificateArn: !Ref AcmCertificateArn
SslSupportMethod: sni-only
RedirectDNSName:
Type: AWS::Route53::RecordSetGroup
Properties:
HostedZoneName: !Sub '${HostedZone}.'
RecordSets:
- Name: !Ref DomainName
Type: A
AliasTarget:
HostedZoneId: Z2FDTNDATAQYW2
DNSName: !GetAtt [RedirectCloudFront, DomainName]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment