Cloudfront S3 website

clownformation.yaml

---
AWSTemplateFormatVersion: 2010-09-09
Parameters:
  Certificate:
    Type: String
  Hostname:
    Type: String
Resources:
  Bucket:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: PublicRead
      BucketName: !Ref Hostname
      WebsiteConfiguration:
        IndexDocument: index.html
        ErrorDocument: 404.html
      CorsConfiguration:
        CorsRules:
          - AllowedOrigins: ['*']
            AllowedMethods:
              - GET
              - HEAD
              - POST
              - PUT
            AllowedHeaders: ['*']
  Policy:
    Type: AWS::S3::BucketPolicy
    Properties:
      PolicyDocument:
        Id: MyPolicy
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: '*'
            Action: 's3:GetObject'
            Resource:
              - !Sub "arn:aws:s3:::${Hostname}"
              - !Sub "arn:aws:s3:::${Hostname}/*"
      Bucket: !Ref Bucket
  CloudFront:
    Type: AWS::CloudFront::Distribution
    DependsOn:
      - Bucket
    Properties:
      DistributionConfig:
        Origins:
          - DomainName: !Sub "${Hostname}.s3-website-${AWS::Region}.amazonaws.com"
            Id: S3Origin
            CustomOriginConfig:
              HTTPPort: '80'
              HTTPSPort: '443'
              OriginProtocolPolicy: http-only
        Enabled: true
        HttpVersion: 'http2'
        Aliases:
          - !Ref Hostname
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
          Compress: true
          TargetOriginId: S3Origin
          ForwardedValues:
            QueryString: true
            Cookies:
              Forward: none
          ViewerProtocolPolicy: redirect-to-https
        PriceClass: PriceClass_All
        ViewerCertificate:
          AcmCertificateArn: !Ref Certificate
          SslSupportMethod: sni-only