diff --git a/aws/beta.ordbok.uib.no_stack.yaml b/aws/beta.ordbok.uib.no_stack.yaml
index 4a9caa1ef95d9823c3ba4d1b362f4a1e6a9e55ed..6a36d0e156760de96a9b1a11ddbff0541231c8f2 100644
--- a/aws/beta.ordbok.uib.no_stack.yaml
+++ b/aws/beta.ordbok.uib.no_stack.yaml
@@ -10,14 +10,10 @@ Parameters:
DomainName:
Type: String
Description: The domain name.
- Default: 'ordbok.aws.uib.no'
+ Default: 'beta.ordbok.aws.uib.no.'
AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
ConstraintDescription: must be a valid DNS zone name
-
- DomainPrefix:
- Type: String
- Default: beta
-
+
PriceClass:
Type: String
Description: The CloudFront distribution price class
@@ -26,13 +22,16 @@ Parameters:
- 'PriceClass_100'
#- 'PriceClass_200'
#- 'PriceClass_All'
-
+
CertificateArn:
Type: String
Default: ''
+ HostedZone:
+ Type: String
+ Default: Z2YZQI8X816BZS
+
-
###############################################################################
Resources:
###############################################################################
@@ -40,21 +39,13 @@ Resources:
DNS:
Type: "AWS::Route53::RecordSet"
Properties:
- HostedZoneConfig:
- Comment: !Join ['', ['Hosted zone for ', !Ref 'DomainName']]
- HostedZoneName: !Join ['.', [!Ref DomainName, '']]
- Name: !Join ['.', [!Ref DomainPrefix, !Ref DomainName, '']]
+ HostedZoneName: !Ref DomainName
+ Name: !Ref DomainName
Type: A
AliasTarget:
- HostedZoneId: Z2YZQI8X816BZS
+ HostedZoneId: !Ref HostedZone
DNSName: !GetAtt Distribution.DomainName
- HostedZoneTags:
- - Key: Application
- Value: beta.ordbok.uib.no
- Tags:
- - Key: Application
- Value: !Ref DomainName
-
+
WebBucket:
Type: "AWS::S3::Bucket"
Properties:
@@ -64,7 +55,7 @@ Resources:
Tags:
- Key: Application
Value: !Ref DomainName
-
+
BucketPolicy:
Type: "AWS::S3::BucketPolicy"
@@ -79,12 +70,8 @@ Resources:
Action: s3:GetObject
Resource: !Join ['', ['arn:aws:s3:::', !Ref 'WebBucket', /*]]
Principal:
- - CanonicalUser: !GetAtt CloudFrontOriginIdentity.S3CanonicalUserId
+ CanonicalUser: !GetAtt CloudFrontOriginIdentity.S3CanonicalUserId
- Tags:
- - Key: Application
- Value: !Ref DomainName
-
ITAIpSet:
Type: "AWS::WAF::IPSet"
Properties:
@@ -92,10 +79,7 @@ Resources:
- Type: "IPV4"
Value: "129.177.0.0/16"
Name: "allowed IPs"
- Tags:
- - Key: Application
- Value: !Ref DomainName
-
+
ITARule:
Type: "AWS::WAF::Rule"
Properties:
@@ -105,10 +89,7 @@ Resources:
- Type: "IPMatch"
Negated: false
DataId: !Ref ITAIpSet
- Tags:
- - Key: Application
- Value: !Ref DomainName
-
+
ACL:
Type: "AWS::WAF::WebACL"
Properties:
@@ -121,10 +102,7 @@ Resources:
Type: "ALLOW"
Priority: 1
RuleId: !Ref ITARule
- Tags:
- - Key: Application
- Value: !Ref DomainName
-
+
Distribution:
Type: "AWS::CloudFront::Distribution"
Properties:
@@ -139,7 +117,7 @@ Resources:
S3OriginConfig:
OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${CloudFrontOriginIdentity}"
Aliases:
- - !Join ['.', [!Ref DomainPrefix, !Ref DomainName]]
+ - !Ref DomainName
CustomErrorResponses:
- ErrorCachingMinTTL: 300
ErrorCode: 403
@@ -164,9 +142,7 @@ Resources:
AcmCertificateArn: !Ref CertificateArn
MinimumProtocolVersion: TLSv1.1_2016
SslSupportMethod: sni-only
- WebACLId:
- - !Ref ACL
- - !Ref "AWS::NoValue"
+ WebACLId: !Ref ACL
Tags:
- Key: Application
Value: !Ref DomainName
@@ -176,6 +152,3 @@ Resources:
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: "origin identity"
- Tags:
- - Key: Application
- Value: !Ref DomainName