techweek.yaml

AWSTemplateFormatVersion: '2010-09-09'

Parameters:
  Env:
    Type: String
    AllowedValues: ['dev', 'test', 'prod']
    Default: 'dev'
  Reg:
    Type: String
    AllowedValues: ['eu-central-1', 'us-east-1', 'us-west-1']
    Default: 'us-east-1'

Resources:
  "cloudfront":
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Origins:
          - DomainName: !Sub 
            - 's3-bucket-tech-week-2-awsome-${Environment}.s3.us-east-1.amazonaws.com'
            - Environment: !Ref Env 
            Id: !Sub 
            - 's3-bucket-tech-week-2-awsome-${Environment}'
            - Environment: !Ref Env 
            S3OriginConfig:
              OriginAccessIdentity: !Sub 'origin-access-identity/cloudfront/${CloudFrontOriginIdentity}'
        Enabled: 'true'
        Comment: Some comment
        DefaultRootObject: !Sub 
            - '${Environment}.html'
            - Environment: !Ref Env
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
          TargetOriginId: !Sub 
            - 's3-bucket-tech-week-2-awsome-${Environment}'
            - Environment: !Ref Env 
          ForwardedValues:
            QueryString: 'false'
            Cookies:
              Forward: none
          ViewerProtocolPolicy: redirect-to-https
        ViewerCertificate:
          CloudFrontDefaultCertificate: 'true'  

  "CloudFrontOriginIdentity":
    Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
    Properties:
      CloudFrontOriginAccessIdentityConfig:
        Comment: 'origin identity'

  "bucket":
    Type: AWS::S3::Bucket
    Properties: 
      BucketName: !Sub 
            - 's3-bucket-tech-week-2-awsome-${Environment}'
            - Environment: !Ref Env 
      VersioningConfiguration: 
          Status: Enabled
      WebsiteConfiguration: 
          IndexDocument: !Sub 
            - '${Environment}.html'
            - Environment: !Ref Env
      
  "BucketPolicy":
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref bucket
      PolicyDocument:
        Id: 1
        Version: '2012-10-17'
        Statement:
          - Action: 
              - 's3:GetObject'
            Effect: Allow
            Principal: 
              AWS: !Sub 'arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${CloudFrontOriginIdentity}'
            Resource: !Sub 'arn:aws:s3:::${bucket}/*'