Created
March 4, 2020 14:25
-
-
Save sato11/4773269cb193b13a5aa511a065618492 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| AWSTemplateFormatVersion: 2010-09-09 | |
| Description: | | |
| A stack to manage an S3 bucket for hosting a static website, | |
| a Route 53 DNS record for using a custom domain, | |
| and a CloudFront Distribution for high availability. | |
| Parameters: | |
| AcmCertificateArn: | |
| Type: String | |
| Description: The ARN of ACM certificate. | |
| AllowedPattern: arn:aws:acm:.* | |
| DomainName: | |
| Type: String | |
| Description: The domain on which you want your website to be hosted. | |
| AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-) | |
| ConstraintDescription: must be a valid DNS zone name. | |
| HostedZone: | |
| Type: String | |
| Description: The name of an existing Amazon Route 53 hosted zone. | |
| AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-) | |
| ConstraintDescription: must be a valid DNS zone name. | |
| Resources: | |
| WebsiteBucket: | |
| Type: AWS::S3::Bucket | |
| DeletionPolicy: Retain | |
| Properties: | |
| AccessControl: PublicRead | |
| BucketName: !Ref DomainName | |
| WebsiteConfiguration: | |
| IndexDocument: index.html | |
| WebsiteBucketPolicy: | |
| Type: AWS::S3::BucketPolicy | |
| Properties: | |
| Bucket: !Ref WebsiteBucket | |
| PolicyDocument: | |
| Id: WebsiteBucketPolicy | |
| Version: 2012-10-17 | |
| Statement: | |
| - Sid: PublicReadForGetBucketObjects | |
| Effect: Allow | |
| Principal: '*' | |
| Action: 's3:GetObject' | |
| Resource: !Sub 'arn:aws:s3:::${WebsiteBucket}/*' | |
| WebsiteCloudfront: | |
| Type: AWS::CloudFront::Distribution | |
| DependsOn: | |
| - WebsiteBucket | |
| Properties: | |
| DistributionConfig: | |
| Aliases: | |
| - !Ref DomainName | |
| Comment: !Sub ${DomainName} static website bucket | |
| DefaultCacheBehavior: | |
| AllowedMethods: | |
| - GET | |
| - HEAD | |
| Compress: true | |
| ForwardedValues: | |
| Cookies: | |
| Forward: none | |
| QueryString: true | |
| TargetOriginId: S3Origin | |
| ViewerProtocolPolicy: redirect-to-https | |
| DefaultRootObject: index.html | |
| Enabled: true | |
| HttpVersion: 'http2' | |
| Origins: | |
| - DomainName: !Select [2, !Split ['/', !GetAtt WebsiteBucket.WebsiteURL]] | |
| Id: S3Origin | |
| CustomOriginConfig: | |
| HTTPPort: '80' | |
| HTTPSPort: '443' | |
| OriginProtocolPolicy: http-only | |
| PriceClass: PriceClass_All | |
| ViewerCertificate: | |
| AcmCertificateArn: !Ref AcmCertificateArn | |
| SslSupportMethod: sni-only | |
| WebsiteDNSName: | |
| Type: AWS::Route53::RecordSetGroup | |
| Properties: | |
| HostedZoneName: !Sub '${HostedZone}.' | |
| RecordSets: | |
| - Name: !Ref DomainName | |
| Type: A | |
| AliasTarget: | |
| HostedZoneId: Z2FDTNDATAQYW2 | |
| DNSName: !GetAtt [WebsiteCloudfront, DomainName] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment