CloudFront distribution

Hello, in my serverless.yaml file I have a resource section which creates a bucket. Is there a way to attach a CloudFront distribution to it at the same time and set CNAMEs on it based on the Serverless deployment stage?

This is my resource:

resources:
  Resources:
    ingestBucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: ${file(./config.js):${opt:stage}.S3_PLAYER_SOURCE_BUCKET}
        AccessControl: Private
        CorsConfiguration:
          CorsRules:
          - AllowedMethods:
            - GET
            - PUT
            - HEAD
            AllowedOrigins:
            - "*"
            AllowedHeaders:
            - "*"
    exportBucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: ${file(./config.js):${opt:stage}.S3_EXPORT_BUCKET}
        AccessControl: Private
        CorsConfiguration:
          CorsRules:
          - AllowedMethods:
            - GET
            - PUT
            - HEAD
            AllowedOrigins:
            - "*"
            AllowedHeaders:
            - "*"

Looking at http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-cloudfront.html, how do I link the exportBucket ID, and what is the correct way to add the SSL certificate for my alias?

Any advice is much appreciated.

I got this to work with the following in my serverless.yml:

resources:
  Mappings: ${file(resources/mappings.yml)}
  Resources:
    ingestBucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: ${file(./config.js):${opt:stage}.S3_PLAYER_SOURCE_BUCKET}
        AccessControl: Private
        CorsConfiguration:
          CorsRules:
          - AllowedMethods:
            - GET
            - POST
            - PUT
            - HEAD
            AllowedOrigins:
            - "*"
            AllowedHeaders:
            - "*"
    exportBucket:
      Type: AWS::S3::Bucket
      Properties:
        BucketName: ${file(./config.js):${opt:stage}.S3_EXPORT_BUCKET}
        AccessControl: Private
        CorsConfiguration:
          CorsRules:
          - AllowedMethods:
            - GET
            - POST
            - PUT
            - HEAD
            AllowedOrigins:
            - "*"
            AllowedHeaders:
            - "*"
    WebSite:
      Type: "AWS::S3::Bucket"
      Properties:
        WebsiteConfiguration:
          ErrorDocument: index.html
          IndexDocument: index.html
    DnsRecords: ${file(resources/${opt:stage}-dns.yml)}
    CDN:
      Type: "AWS::CloudFront::Distribution"
      Properties:
        DistributionConfig:
          ViewerCertificate:
            AcmCertificateArn: ${file(./config.js):${opt:stage}.CERTIFICATE_ARN}
            SslSupportMethod: sni-only
          Enabled: true
          HttpVersion: http2
          Aliases: ${file(./config.js):${opt:stage}.DOMAIN_ALIASES}
          DefaultRootObject: index.html
          Origins:
            - DomainName: {"Fn::Join": ["", [{Ref: WebSite}, ".", {"Fn::FindInMap": [RegionMap, {Ref: "AWS::Region"}, websiteendpoint]}]]}
              Id: S3Origin
              CustomOriginConfig:
                HTTPPort: 80
                HTTPSPort: 443
                OriginProtocolPolicy: http-only
          DefaultCacheBehavior:
            ViewerProtocolPolicy: allow-all
            TargetOriginId: S3Origin
            AllowedMethods:
              - GET
              - HEAD
            Compress: true
            DefaultTTL: 30
            MinTTL: 10
            ForwardedValues:
              QueryString: true

mappings.yml:

---
RegionMap:
  ap-northeast-1:
    S3hostedzoneID: "Z2M4EHUR26P7ZW"
    websiteendpoint: "s3-website-ap-northeast-1.amazonaws.com"
  ap-northeast-2:
    S3hostedzoneID: "Z3W03O7B5YMIYP"
    websiteendpoint: "s3-website.ap-northeast-2.amazonaws.com"
  ap-south-1:
    S3hostedzoneID: "Z11RGJOFQNVJUP"
    websiteendpoint: "s3-website.ap-south-1.amazonaws.com"
  ap-southeast-1:
    S3hostedzoneID: "Z3O0J2DXBE1FTB"
    websiteendpoint: "s3-website-ap-southeast-1.amazonaws.com"
  ap-southeast-2:
    S3hostedzoneID: "Z1WCIGYICN2BYD"
    websiteendpoint: "s3-website-ap-southeast-2.amazonaws.com"
  eu-central-1:
    S3hostedzoneID: "Z21DNDUVLTQW6Q"
    websiteendpoint: "s3-website.eu-central-1.amazonaws.com"
  eu-west-1:
    S3hostedzoneID: "Z1BKCTXD74EZPE"
    websiteendpoint: "s3-website-eu-west-1.amazonaws.com"
  sa-east-1:
    S3hostedzoneID: "Z7KQH4QJS55SO"
    websiteendpoint: "s3-website-sa-east-1.amazonaws.com"
  us-east-1:
    S3hostedzoneID: "Z3AQBSTGFYJSTF"
    websiteendpoint: "s3-website-us-east-1.amazonaws.com"
  us-east-2:
    S3hostedzoneID: "Z2O1EMRO9K5GLX"
    websiteendpoint: "s3-website.us-east-2.amazonaws.com"
  us-west-1:
    S3hostedzoneID: "Z2F56UZL2M1ACD"
    websiteendpoint: "s3-website-us-west-1.amazonaws.com"
  us-west-2:
    S3hostedzoneID: "Z3BJ6K6RIION7M"
    websiteendpoint: "s3-website-us-west-2.amazonaws.com"
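The configuration in the reply above fronts a website-endpoint bucket over plain HTTP (`OriginProtocolPolicy: http-only`) and accepts HTTP from viewers (`ViewerProtocolPolicy: allow-all`). As an added example, not part of either post, this is one way to put CloudFront in front of the question's private `exportBucket` instead, using Origin Access Control so that only the distribution can read the bucket and viewers are redirected to HTTPS. `ExportOAC`, `ExportBucketPolicy`, `ExportCDN` and `ExportS3Origin` are hypothetical names; the `config.js` keys are the ones used in the thread, and since an alias can be attached to only one distribution they must not also be set on another distribution in the same deployment.

```yaml
# Added example: place under resources.Resources; the Export* names are hypothetical.
ExportOAC:
  Type: AWS::CloudFront::OriginAccessControl
  Properties:
    OriginAccessControlConfig:
      Name: export-oac-${opt:stage}
      OriginAccessControlOriginType: s3
      SigningBehavior: always
      SigningProtocol: sigv4
ExportBucketPolicy:
  Type: AWS::S3::BucketPolicy
  Properties:
    Bucket: {Ref: exportBucket}
    PolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Principal: {Service: cloudfront.amazonaws.com}
          Action: s3:GetObject
          Resource: {"Fn::Join": ["", [{"Fn::GetAtt": [exportBucket, Arn]}, "/*"]]}
          Condition:
            StringEquals:
              # Restrict reads to this one distribution, not CloudFront in general
              "AWS:SourceArn": {"Fn::Join": ["", ["arn:aws:cloudfront::", {Ref: "AWS::AccountId"}, ":distribution/", {Ref: ExportCDN}]]}
ExportCDN:
  Type: AWS::CloudFront::Distribution
  Properties:
    DistributionConfig:
      Enabled: true
      HttpVersion: http2
      Aliases: ${file(./config.js):${opt:stage}.DOMAIN_ALIASES}
      ViewerCertificate:
        # ACM certificates used by CloudFront must be issued in us-east-1
        AcmCertificateArn: ${file(./config.js):${opt:stage}.CERTIFICATE_ARN}
        SslSupportMethod: sni-only
        MinimumProtocolVersion: TLSv1.2_2021
      Origins:
        - Id: ExportS3Origin
          # REST endpoint of the bucket, not the s3-website endpoint
          DomainName: {"Fn::GetAtt": [exportBucket, RegionalDomainName]}
          OriginAccessControlId: {"Fn::GetAtt": [ExportOAC, Id]}
          S3OriginConfig:
            OriginAccessIdentity: ""   # left empty when OAC is used
      DefaultCacheBehavior:
        TargetOriginId: ExportS3Origin
        ViewerProtocolPolicy: redirect-to-https
        AllowedMethods: [GET, HEAD]
        Compress: true
        ForwardedValues:
          QueryString: true
```

Because the origin is the bucket's REST endpoint, `IndexDocument` and `ErrorDocument` website behaviour does not apply; `DefaultRootObject` on the distribution covers only the root path.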