{ "AWSTemplateFormatVersion": "2010-09-09", "Description": "Hosting resource stack creation using Amplify CLI", "Parameters": { "env": { "Type": "String" }, "bucketName": { "Type": "String" } }, "Conditions": { "ShouldNotCreateEnvResources": { "Fn::Equals": [ { "Ref": "env" }, "NONE" ] } }, "Resources": { "S3Bucket": { "Type": "AWS::S3::Bucket", "DeletionPolicy": "Retain", "Properties": { "BucketName": { "Fn::If": [ "ShouldNotCreateEnvResources", { "Ref": "bucketName" }, { "Fn::Join": [ "", [ { "Ref": "bucketName" }, "-", { "Ref": "env" } ] ] } ] }, "WebsiteConfiguration": { "IndexDocument": "index.html", "ErrorDocument": "index.html" }, "CorsConfiguration": { "CorsRules": [ { "AllowedHeaders": [ "Authorization", "Content-Length" ], "AllowedMethods": [ "GET" ], "AllowedOrigins": [ "*" ], "MaxAge": 3000 } ] } } }, "PrivateBucketPolicy": { "Type": "AWS::S3::BucketPolicy", "DependsOn": "OriginAccessIdentity", "Properties": { "PolicyDocument": { "Id": "MyPolicy", "Version": "2012-10-17", "Statement": [ { "Sid": "APIReadForGetBucketObjects", "Effect": "Allow", "Principal": { "CanonicalUser": { "Fn::GetAtt": [ "OriginAccessIdentity", "S3CanonicalUserId" ] } }, "Action": "s3:GetObject", "Resource": { "Fn::Join": [ "", [ "arn:aws:s3:::", { "Ref": "S3Bucket" }, "/*" ] ] } } ] }, "Bucket": { "Ref": "S3Bucket" } } }, "OriginAccessIdentity": { "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", "Properties": { "CloudFrontOriginAccessIdentityConfig": { "Comment": "CloudFrontOriginAccessIdentityConfig" } } }, "CloudFrontDistribution": { "Type": "AWS::CloudFront::Distribution", "DependsOn": [ "S3Bucket", "OriginAccessIdentity" ], "Properties": { "DistributionConfig": { "Origins": [ { "DomainName": { "Fn::GetAtt": [ "S3Bucket", "DomainName" ] }, "Id": "hostingS3Bucket", "S3OriginConfig": { "OriginAccessIdentity": { "Fn::Join": [ "", [ "origin-access-identity/cloudfront/", { "Ref": "OriginAccessIdentity" } ] ] } } } ], "Enabled": "true", "DefaultCacheBehavior": { "AllowedMethods": [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId": "hostingS3Bucket", "ForwardedValues": { "QueryString": "false" }, "ViewerProtocolPolicy": "redirect-to-https", "DefaultTTL": 86400, "MaxTTL": 31536000, "MinTTL": 60, "Compress": true }, "DefaultRootObject": "index.html", "CustomErrorResponses": [ { "ErrorCachingMinTTL": 300, "ErrorCode": 400, "ResponseCode": 200, "ResponsePagePath": "/" }, { "ErrorCachingMinTTL": 300, "ErrorCode": 403, "ResponseCode": 200, "ResponsePagePath": "/" }, { "ErrorCachingMinTTL": 300, "ErrorCode": 404, "ResponseCode": 200, "ResponsePagePath": "/" } ] } } } }, "Outputs": { "Region": { "Value": { "Ref": "AWS::Region" } }, "HostingBucketName": { "Description": "Hosting bucket name", "Value": { "Ref": "S3Bucket" } }, "WebsiteURL": { "Value": { "Fn::GetAtt": [ "S3Bucket", "WebsiteURL" ] }, "Description": "URL for website hosted on S3" }, "S3BucketSecureURL": { "Value": { "Fn::Join": [ "", [ "https://", { "Fn::GetAtt": [ "S3Bucket", "DomainName" ] } ] ] }, "Description": "Name of S3 bucket to hold website content" }, "CloudFrontDistributionID": { "Value": { "Ref": "CloudFrontDistribution" } }, "CloudFrontDomainName": { "Value": { "Fn::GetAtt": [ "CloudFrontDistribution", "DomainName" ] } }, "CloudFrontSecureURL": { "Value": { "Fn::Join": [ "", [ "https://", { "Fn::GetAtt": [ "CloudFrontDistribution", "DomainName" ] } ] ] } }, "CloudFrontOriginAccessIdentity": { "Value": { "Ref": "OriginAccessIdentity" } } } }