iamerrorgenerator/scripts/cfn/iamerror.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: "I AM ERROR. generator static site"

Resources:
  IAmErrorSiteBucket:
    Type: "AWS::S3::Bucket"
    Properties:
      BucketName: "iamerrorgenerator.com"
      PublicAccessBlockConfiguration:
        BlockPublicAcls: false
        BlockPublicPolicy: false
        IgnorePublicAcls: false
        RestrictPublicBuckets: false
    DeletionPolicy: Retain

  IAmErrorSiteCachePolicy:
    Type: "AWS::CloudFront::CachePolicy"
    Properties:
      CachePolicyConfig:
        Comment: "Cache policy for iamerrorgenerator.com distribution"
        DefaultTTL: 300 # five minutes
        MaxTTL: 31536000
        MinTTL: 60
        Name: "iamerror-cache-policy"
        ParametersInCacheKeyAndForwardedToOrigin:
          CookiesConfig:
            CookieBehavior: none
          EnableAcceptEncodingBrotli: true
          EnableAcceptEncodingGzip: true
          HeadersConfig:
            HeaderBehavior: none
          QueryStringsConfig:
            QueryStringBehavior: none

  IAmErrorSiteDistribution:
    Type: "AWS::CloudFront::Distribution"
    Properties:
      DistributionConfig:
        Aliases:
          - iamerrorgenerator.com
          - iamerror.tmont.com
        Comment: "Frontend proxy for iamerrorgenerator.com"
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
          CachedMethods:
            - GET
            - HEAD
          CachePolicyId: !Ref IAmErrorSiteCachePolicy
          Compress: true
          TargetOriginId: s3-iamerror-bucket
          ViewerProtocolPolicy: "redirect-to-https"
        DefaultRootObject: "index.html"
        Enabled: true
        HttpVersion: http2
        IPV6Enabled: true
        Origins:
          - DomainName: !GetAtt IAmErrorSiteBucket.RegionalDomainName
            Id: s3-iamerror-bucket
            S3OriginConfig:
              OriginAccessIdentity: ""
        ViewerCertificate:
          AcmCertificateArn: "arn:aws:acm:us-east-1:592283802202:certificate/8bb1c1c8-a76c-44fb-9f3a-bfad0c3a5450"
          MinimumProtocolVersion: "TLSv1"
          SslSupportMethod: "sni-only"
      Tags:
        - Key: app
          Value: iamerrorgenerator

  IAmErrorSiteDNS:
    Type: "AWS::Route53::RecordSetGroup"
    Properties:
      Comment: "DNS for iamerrorgenerator.com CloudFront proxy"
      HostedZoneName: "iamerrorgenerator.com."
      RecordSets:
        - Name: iamerrorgenerator.com
          Type: "A"
          AliasTarget:
            # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html#cfn-route53-aliastarget-hostedzoneid
            HostedZoneId: "Z2FDTNDATAQYW2"
            DNSName: !GetAtt IAmErrorSiteDistribution.DomainName
        - Name: iamerrorgenerator.com
          Type: "AAAA"
          AliasTarget:
            HostedZoneId: "Z2FDTNDATAQYW2"
            DNSName: !GetAtt IAmErrorSiteDistribution.DomainName

  IAmErrorTmontSiteDNS:
    Type: "AWS::Route53::RecordSetGroup"
    Properties:
      Comment: "DNS for iamerror.tmont.com CloudFront proxy"
      HostedZoneName: "tmont.com."
      RecordSets:
        - Name: iamerror.tmont.com
          Type: "A"
          AliasTarget:
            # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-aliastarget.html#cfn-route53-aliastarget-hostedzoneid
            HostedZoneId: "Z2FDTNDATAQYW2"
            DNSName: !GetAtt IAmErrorSiteDistribution.DomainName
        - Name: iamerror.tmont.com
          Type: "AAAA"
          AliasTarget:
            HostedZoneId: "Z2FDTNDATAQYW2"
            DNSName: !GetAtt IAmErrorSiteDistribution.DomainName