Skip to content

Instantly share code, notes, and snippets.

@sekitaka

sekitaka/cloudformation-s3-site.template

Created July 29, 2017 08:46
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sekitaka/f2451232d35ca677f0f18b7c0841813e to your computer and use it in GitHub Desktop.
Save sekitaka/f2451232d35ca677f0f18b7c0841813e to your computer and use it in GitHub Desktop.
Download ZIP
CloudFront Template Example for s3 static website
Raw
cloudformation-s3-site.template
{
"AWSTemplateFormatVersion": "2010-09-09",
"Mappings": {
"RegionMap": {
"us-east-1": {
"S3hostedzoneID": "Z3AQBSTGFYJSTF",
"websiteendpoint": "s3-website-us-east-1.amazonaws.com"
},
"us-west-1": {
"S3hostedzoneID": "Z2F56UZL2M1ACD",
"websiteendpoint": "s3-website-us-west-1.amazonaws.com"
},
"us-west-2": {
"S3hostedzoneID": "Z3BJ6K6RIION7M",
"websiteendpoint": "s3-website-us-west-2.amazonaws.com"
},
"eu-west-1": {
"S3hostedzoneID": "Z1BKCTXD74EZPE",
"websiteendpoint": "s3-website-eu-west-1.amazonaws.com"
},
"ap-southeast-1": {
"S3hostedzoneID": "Z3O0J2DXBE1FTB",
"websiteendpoint": "s3-website-ap-southeast-1.amazonaws.com"
},
"ap-southeast-2": {
"S3hostedzoneID": "Z1WCIGYICN2BYD",
"websiteendpoint": "s3-website-ap-southeast-2.amazonaws.com"
},
"ap-northeast-1": {
"S3hostedzoneID": "Z2M4EHUR26P7ZW",
"websiteendpoint": "s3-website-ap-northeast-1.amazonaws.com"
},
"sa-east-1": {
"S3hostedzoneID": "Z31GFT0UA1I2HV",
"websiteendpoint": "s3-website-sa-east-1.amazonaws.com"
}
}
},
"Parameters": {
"RootDomainName": {
"Description": "Domain name for your website (example.com)",
"Type": "String"
}
},
"Resources": {
"MainBucket": {
"Type": "AWS::S3::Bucket",
"Properties": {
"AccessControl": "PublicRead",
"WebsiteConfiguration": {
"ErrorDocument": "error.html",
"IndexDocument": "index.html"
}
},
"Metadata": {
"AWS::CloudFormation::Designer": {
"id": "9961cf24-33bd-417d-ae05-8791dd2ddca0"
}
}
},
"MainBucketPolicy": {
"Type": "AWS::S3::BucketPolicy",
"DependsOn": [
"MainBucket"
],
"Properties": {
"Bucket": {
"Ref": "MainBucket"
},
"PolicyDocument": {
"Statement": [
{
"Action": [
"s3:GetObject"
],
"Effect": "Allow",
"Resource": {
"Fn::Join": [
"",
[
"arn:aws:s3:::",
{
"Ref": "MainBucket"
},
"/*"
]
]
},
"Principal": "*"
},
{
"Sid": "AddCannedAcl",
"Effect": "Allow",
"Principal": {
"AWS": {
"Fn::Join": [
"",
[
"arn:aws:iam::",
{
"Ref": "AWS::AccountId"
},
":root"
]
]
}
},
"Action": [
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": {
"Fn::Join": [
"",
[
"arn:aws:s3:::",
{
"Ref": "MainBucket"
},
"/*"
]
]
},
"Condition": {
"StringEquals": {
"s3:x-amz-acl": "public-read"
}
}
}
]
}
}
},
"CloudFront": {
"Type": "AWS::CloudFront::Distribution",
"DependsOn": [
"MainBucket"
],
"Properties": {
"DistributionConfig": {
"Aliases": [
{
"Ref": "RootDomainName"
}
],
"DefaultCacheBehavior": {
"DefaultTTL": 1,
"MaxTTL": 1,
"ForwardedValues": {
"QueryString": true
},
"TargetOriginId": "s3bucket",
"ViewerProtocolPolicy": "allow-all"
},
"Origins": [
{
"CustomOriginConfig": {
"OriginProtocolPolicy": "match-viewer"
},
"DomainName": {
"Fn::Join": [
"",
[
{
"Ref": "MainBucket"
},
".",
{
"Fn::FindInMap": [
"RegionMap",
{
"Ref": "AWS::Region"
},
"websiteendpoint"
]
}
]
]
},
"Id": "s3bucket"
}
],
"Enabled": true
}
}
},
"Route53HostedZone": {
"Type": "AWS::Route53::HostedZone",
"Properties": {
"Name": {
"Fn::Join": [
"",
[
{
"Ref": "RootDomainName"
},
"."
]
]
}
}
},
"Route53RecordSet": {
"Type": "AWS::Route53::RecordSet",
"Properties": {
"AliasTarget": {
"DNSName": {
"Fn::GetAtt": [
"CloudFront",
"DomainName"
]
},
"HostedZoneId": "Z2FDTNDATAQYW2"
},
"HostedZoneId": {
"Ref": "Route53HostedZone"
},
"Name": {
"Fn::Join": [
"",
[
{
"Ref": "RootDomainName"
}
]
]
},
"Type": "A"
}
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment