Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
195 lines (193 sloc) 6.05 KB
AWSTemplateFormatVersion: 2010-09-09
Transform: AWS::Serverless-2016-10-31
Parameters:
DomainName:
Description: QDN of the contents.
Type: String
TwitterScreenName:
Description: Retrieve Twitter Account.
Type: String
AcmCertificateArn:
Description: ACM arn you have.
Type: String
Resources:
TweetGetLambda:
Type: AWS::Serverless::Function
Properties:
Handler: tweetget # file name
Runtime: go1.x
CodeUri: lambda/build
Timeout: 300
AutoPublishAlias: latest
Environment:
Variables:
BucketName: !Ref DomainName
TwitterUseName: !Ref TwitterScreenName
S3UploadLambda:
Type: AWS::Serverless::Function
Properties:
Handler: s3upload # file name
Runtime: go1.x
CodeUri: lambda/build
Timeout: 300
AutoPublishAlias: latest
Environment:
Variables:
BucketName: !Ref DomainName
Policies:
- S3CrudPolicy:
BucketName: !Ref DomainName
-
Version: 2012-10-17
Statement:
-
Effect: Allow
Action:
- s3:PutObjectAcl
Resource:
- !Sub ["arn:aws:s3:::${DomainName}/*", {DomainName: !Ref DomainName}]
TwitterS3UploadStepFunction:
Type: AWS::StepFunctions::StateMachine
Properties:
DefinitionString:
!Sub
- |-
{
"StartAt": "FirstState",
"States": {
"FirstState": {
"Type": "Task",
"Resource": "${TweetGetLambdaArn}",
"Retry": [
{
"ErrorEquals": [ "States.ALL" ],
"IntervalSeconds": 10,
"MaxAttempts": 3,
"BackoffRate": 2
}
],
"Next": "TweetGetDoneState"
},
"TweetGetDoneState": {
"Type": "Task",
"Resource": "${S3UploadLambdaArn}",
"Retry": [
{
"ErrorEquals": [ "States.ALL" ],
"IntervalSeconds": 10,
"MaxAttempts": 3,
"BackoffRate": 2
}
],
"End": true
}
}
}
- {S3UploadLambdaArn: !GetAtt [ S3UploadLambda, Arn ], TweetGetLambdaArn: !GetAtt [ TweetGetLambda, Arn ]}
RoleArn: !GetAtt [TwitterS3UploadStepFunctionRole, Arn]
TwitterS3UploadStepFunctionRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service:
- !Sub states.${AWS::Region}.amazonaws.com
Action: "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: StatesExecutionPolicy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- lambda:InvokeFunction
Resource: [!GetAtt [S3UploadLambda, Arn], !GetAtt [TweetGetLambda, Arn]]
# stop cron by comment out because my travel is done.
#
# TwitterS3UploadStepFunctionCloudWatchEvent:
# Type: AWS::Events::Rule
# Properties:
# ScheduleExpression: 'cron(* * * * ? *)'
# State: ENABLED
# Targets:
# - Arn: !Ref TwitterS3UploadStepFunction
# Id: twitter-s3upload-stepfunction
# RoleArn: !GetAtt [TwitterS3UploadStepFunctionCloudWatchEventRole, Arn]
# TwitterS3UploadStepFunctionCloudWatchEventRole:
# Type: AWS::IAM::Role
# Properties:
# AssumeRolePolicyDocument:
# Version: "2012-10-17"
# Statement:
# - Effect: "Allow"
# Principal:
# Service:
# - events.amazonaws.com
# Action: "sts:AssumeRole"
# Path: "/"
# Policies:
# - PolicyName: StatesExecutionPolicy
# PolicyDocument:
# Version: "2012-10-17"
# Statement:
# - Effect: Allow
# Action:
# - states:StartExecution
# Resource: [!Ref TwitterS3UploadStepFunction]
CloudFront:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Aliases:
- !Ref DomainName
Origins:
-
Id: s3
DomainName: !Sub ["${DomainName}.s3-website-${AWS::Region}.amazonaws.com", {DomainName: !Ref DomainName}]
CustomOriginConfig:
OriginProtocolPolicy: http-only
HTTPPort: 80
CacheBehaviors:
# dynamic change json
- PathPattern: "*/tweets.json"
TargetOriginId: s3
Compress: true
ForwardedValues:
Cookies: { Forward: none }
# for cache test
QueryString: true
DefaultTTL: 30
MaxTTL: 30
MinTTL: 30
ViewerProtocolPolicy: redirect-to-https
CustomErrorResponses:
- { ErrorCachingMinTTL: 5, ErrorCode: 400 }
- { ErrorCachingMinTTL: 5, ErrorCode: 403 }
- { ErrorCachingMinTTL: 5, ErrorCode: 404 }
- { ErrorCachingMinTTL: 5, ErrorCode: 405 }
- { ErrorCachingMinTTL: 5, ErrorCode: 414 }
- { ErrorCachingMinTTL: 5, ErrorCode: 500 }
- { ErrorCachingMinTTL: 5, ErrorCode: 501 }
- { ErrorCachingMinTTL: 5, ErrorCode: 502 }
- { ErrorCachingMinTTL: 5, ErrorCode: 503 }
- { ErrorCachingMinTTL: 5, ErrorCode: 504 }
DefaultCacheBehavior:
Compress: true
DefaultTTL: 86400
MaxTTL: 86400
MinTTL: 86400
ForwardedValues:
Cookies: { Forward: none }
# for cache test
QueryString: true
TargetOriginId: s3
ViewerProtocolPolicy: redirect-to-https
Enabled: true
HttpVersion: http2
ViewerCertificate:
AcmCertificateArn: !Ref AcmCertificateArn
SslSupportMethod: sni-only