Skip to content
Permalink
Branch: master
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
94 lines (94 sloc) 3.15 KB
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::Serverless-2016-10-31
Resources:
cdn:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
DefaultCacheBehavior:
Compress: true
ForwardedValues:
Headers:
- CloudFront-Viewer-Country
Cookies:
Forward: none
QueryString: false
TargetOriginId: StackeryCDN
ViewerProtocolPolicy: redirect-to-https
LambdaFunctionAssociations:
- EventType: origin-request
LambdaFunctionARN: !GetAtt edgeFunction.VersionArn
DefaultRootObject: index.html
Enabled: true
PriceClass: PriceClass_200
Origins:
- DomainName: !GetAtt hostBucket.DomainName
Id: StackeryCDN
S3OriginConfig:
OriginAccessIdentity: !Sub origin-access-identity/cloudfront/${cdnOriginAccessIdentity}
cdnOriginAccessIdentity:
Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: Stackery
cdnBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref hostBucket
PolicyDocument:
Statement:
- Effect: Allow
Principal:
AWS: !Sub arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${cdnOriginAccessIdentity}
Action: s3:GetObject
Resource: !Sub
- ${BucketArn}/*
- BucketArn: !GetAtt hostBucket.Arn
edgeFunction:
Type: Custom::StackeryEdgeFunction
Properties:
ServiceToken: !Sub arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:stackery-agent-commander
FunctionName: !Sub ${AWS::StackName}-edgeFunction
Description: !Sub
- Stackery Stack ${StackeryStackTagName} Environment ${StackeryEnvironmentTagName} Function ${ResourceName}
- ResourceName: edgeFunction
Runtime: nodejs8.10
CodeUri: src/edgeFunction
Handler: index.handler
MemorySize: 1024
Timeout: 30
Tracing: Active
Role: !GetAtt edgeFunctionRole.Arn
edgeFunctionRole:
Type: AWS::IAM::Role
Properties:
RoleName: !Sub ${AWS::StackName}-edgeFunction
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
- edgelambda.amazonaws.com
Action: sts:AssumeRole
ManagedPolicyArns:
- arn:aws:iam::aws:policy/service-role/AWSLambdaBasicExecutionRole
- arn:aws:iam::aws:policy/AWSXrayWriteOnlyAccess
hostBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub ${AWS::StackName}-hostbucket
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: index.html
Metadata:
StackeryName: HostBucket
Parameters:
StackeryStackTagName:
Type: String
Description: Stack Name (injected by Stackery at deployment time)
StackeryEnvironmentTagName:
Type: String
Description: Environment Name (injected by Stackery at deployment time)
You can’t perform that action at this time.