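AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  Build Template for Cloud Resume Challenge by Ian Cahall

# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
  Function:
    Timeout: 3

Resources:
  # S3 bucket that stores the static site; index.html is the index document.
  # The canned ACL `AccessControl: PublicRead` was removed: besides object
  # reads it also lets anyone list the bucket, and S3 disables ACLs on new
  # buckets by default. Public read is granted only through BucketPolicy
  # below, so Block Public Access is relaxed for policies and kept on for ACLs.
  # NOTE(review): the distribution reads from the bucket's regional REST
  # endpoint, so the bucket could be made private behind a CloudFront
  # origin access control instead; confirm nothing else reads it directly.
  MyWebsite:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: ian-cahall-cloud-website
      WebsiteConfiguration:
        IndexDocument: index.html
      PublicAccessBlockConfiguration:
        BlockPublicAcls: true
        IgnorePublicAcls: true
        BlockPublicPolicy: false
        RestrictPublicBuckets: false

  # DynamoDB table for the visitor counter, keyed by a string "ID" attribute.
  DynamoDBTable:
    Type: AWS::DynamoDB::Table
    Properties:
      TableName: visitors
      BillingMode: PAY_PER_REQUEST
      AttributeDefinitions:
        - AttributeName: "ID"
          AttributeType: "S"
      KeySchema:
        - AttributeName: "ID"
          KeyType: "HASH"

  # Route 53 alias record that points the custom domain at the CloudFront
  # distribution. The AliasTarget HostedZoneId is the fixed zone ID that
  # CloudFront alias targets use; the outer HostedZoneId is the site's zone.
  MyRoute53Record:
    Type: "AWS::Route53::RecordSetGroup"
    Properties:
      HostedZoneId: Z009465335CW1A502K3VY
      RecordSets:
        - Name: ian-cahall-resume.com
          Type: A
          AliasTarget:
            HostedZoneId: Z2FDTNDATAQYW2
            DNSName: !GetAtt MyDistribution.DomainName

  # ACM certificate so the custom domain can serve HTTPS.
  # NOTE(review): CloudFront only accepts ACM certificates from us-east-1;
  # the origin hostname below suggests that region, confirm for the stack.
  MyCertificate:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: ian-cahall-resume.com
      ValidationMethod: DNS

  # CloudFront distribution that serves the custom domain from the bucket.
  MyDistribution:
    Type: "AWS::CloudFront::Distribution"
    Properties:
      DistributionConfig:
        Enabled: true
        DefaultRootObject: index.html
        Aliases:
          - ian-cahall-resume.com
        ViewerCertificate:
          AcmCertificateArn: !Ref MyCertificate
          SslSupportMethod: sni-only
          # Pin a modern TLS floor; if omitted, a custom-certificate
          # distribution may fall back to a legacy minimum version.
          MinimumProtocolVersion: TLSv1.2_2021
        DefaultCacheBehavior:
          # Was allow-all, which served the site over plain HTTP as well.
          ViewerProtocolPolicy: redirect-to-https
          TargetOriginId: ian-cahall-cloud-website.s3.us-east-1.amazonaws.com
          # All TTLs are 0, so every request is revalidated with the origin.
          DefaultTTL: 0
          MinTTL: 0
          MaxTTL: 0
          ForwardedValues:
            QueryString: false
        Origins:
          - DomainName: ian-cahall-cloud-website.s3.us-east-1.amazonaws.com
            Id: ian-cahall-cloud-website.s3.us-east-1.amazonaws.com
            CustomOriginConfig:
              # Was match-viewer; viewers are now always on HTTPS, so state
              # the origin leg explicitly rather than derive it.
              OriginProtocolPolicy: https-only

  # Lambda that returns the visitor count from the DynamoDB table.
  # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
  GetFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: getFunction/
      Handler: app.lambda_handler
      Runtime: python3.9
      Architectures:
        - x86_64
      Policies:
        # NOTE(review): if the handler only reads, the narrower SAM template
        # DynamoDBReadPolicy would be enough; handler code is not shown here.
        - DynamoDBCrudPolicy:
            # Referencing the table keeps the policy tied to the resource
            # this stack creates and orders the two resources implicitly.
            TableName: !Ref DynamoDBTable
      Events:
        GetFunction:
          # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
          Type: Api
          Properties:
            Path: /get
            Method: get

  # Lambda that increments the visitor count and stores it in the table.
  # More info about Function Resource: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#awsserverlessfunction
  PutFunction:
    Type: AWS::Serverless::Function
    Properties:
      CodeUri: putFunction/
      Handler: app.lambda_handler
      Runtime: python3.9
      Architectures:
        - x86_64
      Policies:
        # NOTE(review): CRUD includes delete and scan permissions; a counter
        # update presumably needs less. Confirm against the handler.
        - DynamoDBCrudPolicy:
            TableName: !Ref DynamoDBTable
      Events:
        PutFunction:
          # More info about API Event Source: https://github.com/awslabs/serverless-application-model/blob/master/versions/2016-10-31.md#api
          Type: Api
          Properties:
            Path: /put
            # NOTE(review): this route changes state but is exposed as an
            # unauthenticated GET, so link prefetchers and crawlers can
            # inflate the counter. Left as-is because the front end calls
            # it; consider POST plus API throttling.
            Method: get

  # Bucket policy that lets anyone read objects (and only read objects) from
  # the website bucket.
  BucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref MyWebsite
      PolicyDocument:
        Id: MyPolicy
        # Quoted so YAML parsers keep it a string instead of a date.
        Version: "2012-10-17"
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: "*"
            Action: "s3:GetObject"
            Resource: !Join
              - ""
              - - "arn:aws:s3:::"
                - !Ref MyWebsite
                - "/*"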