stack.yml

AWSTemplateFormatVersion: "2010-09-09"
Description: Static site infrastructure using CloudFront
Parameters:
  DomainName:
    Type: String
    Description: Domain name to create resources for
  CertificateARN:
    Type: String
    Description: ARN of the ACM Certificate in the us-east-1
  HostedZoneId:
    Type: String
    Description: Hosted Zone ID of the Zone to create the alias target in
Resources:
  S3Bucket:
    DeletionPolicy: Retain
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: public-read
      BucketName: !Ref DomainName
      WebsiteConfiguration:
        ErrorDocument: error.html
        IndexDocument: index.html
  CloudFrontDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Aliases:
          - !Ref DomainName
        Comment: !Sub Distribution for ${DomainName}
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
          CachedMethods:
            - GET
            - HEAD
          Compress: true
          ForwardedValues:
            QueryString: false
          TargetOriginId: !Sub S3-Website-${DomainName}
          ViewerProtocolPolicy: redirect-to-https
        Enabled: true
        HttpVersion: http2
        IPV6Enabled: true
        Origins:
          - CustomOriginConfig:
              OriginProtocolPolicy: http-only
            DomainName: !Sub ${DomainName}.s3-website-${AWS::Region}.amazonaws.com
            Id: !Sub S3-Website-${DomainName}
        ViewerCertificate:
          AcmCertificateArn: !Ref CertificateARN
          MinimumProtocolVersion: TLSv1.1_2016
          SslSupportMethod: sni-only
  RecordSet:
    Type: AWS::Route53::RecordSet
    Properties:
      AliasTarget:
        DNSName: !GetAtt CloudFrontDistribution.DomainName
        HostedZoneId: Z2FDTNDATAQYW2
      Comment: !Sub Alias Targeting the ${DomainName} CloudFront Distribution
      HostedZoneId: !Ref HostedZoneId
      Name: !Ref DomainName
      Type: A