Skip to content
Snippets Groups Projects
Commit 08072180 authored by Ole Voldsæter's avatar Ole Voldsæter
Browse files

fikset feil i cf-template

parent b91839ab
No related branches found
No related tags found
No related merge requests found
......@@ -10,14 +10,10 @@ Parameters:
DomainName:
Type: String
Description: The domain name.
Default: 'ordbok.aws.uib.no'
Default: 'beta.ordbok.aws.uib.no.'
AllowedPattern: (?!-)[a-zA-Z0-9-.]{1,63}(?<!-)
ConstraintDescription: must be a valid DNS zone name
DomainPrefix:
Type: String
Default: beta
PriceClass:
Type: String
Description: The CloudFront distribution price class
......@@ -26,13 +22,16 @@ Parameters:
- 'PriceClass_100'
#- 'PriceClass_200'
#- 'PriceClass_All'
CertificateArn:
Type: String
Default: ''
HostedZone:
Type: String
Default: Z2YZQI8X816BZS
###############################################################################
Resources:
###############################################################################
......@@ -40,21 +39,13 @@ Resources:
DNS:
Type: "AWS::Route53::RecordSet"
Properties:
HostedZoneConfig:
Comment: !Join ['', ['Hosted zone for ', !Ref 'DomainName']]
HostedZoneName: !Join ['.', [!Ref DomainName, '']]
Name: !Join ['.', [!Ref DomainPrefix, !Ref DomainName, '']]
HostedZoneName: !Ref DomainName
Name: !Ref DomainName
Type: A
AliasTarget:
HostedZoneId: Z2YZQI8X816BZS
HostedZoneId: !Ref HostedZone
DNSName: !GetAtt Distribution.DomainName
HostedZoneTags:
- Key: Application
Value: beta.ordbok.uib.no
Tags:
- Key: Application
Value: !Ref DomainName
WebBucket:
Type: "AWS::S3::Bucket"
Properties:
......@@ -64,7 +55,7 @@ Resources:
Tags:
- Key: Application
Value: !Ref DomainName
BucketPolicy:
Type: "AWS::S3::BucketPolicy"
......@@ -79,12 +70,8 @@ Resources:
Action: s3:GetObject
Resource: !Join ['', ['arn:aws:s3:::', !Ref 'WebBucket', /*]]
Principal:
- CanonicalUser: !GetAtt CloudFrontOriginIdentity.S3CanonicalUserId
CanonicalUser: !GetAtt CloudFrontOriginIdentity.S3CanonicalUserId
Tags:
- Key: Application
Value: !Ref DomainName
ITAIpSet:
Type: "AWS::WAF::IPSet"
Properties:
......@@ -92,10 +79,7 @@ Resources:
- Type: "IPV4"
Value: "129.177.0.0/16"
Name: "allowed IPs"
Tags:
- Key: Application
Value: !Ref DomainName
ITARule:
Type: "AWS::WAF::Rule"
Properties:
......@@ -105,10 +89,7 @@ Resources:
- Type: "IPMatch"
Negated: false
DataId: !Ref ITAIpSet
Tags:
- Key: Application
Value: !Ref DomainName
ACL:
Type: "AWS::WAF::WebACL"
Properties:
......@@ -121,10 +102,7 @@ Resources:
Type: "ALLOW"
Priority: 1
RuleId: !Ref ITARule
Tags:
- Key: Application
Value: !Ref DomainName
Distribution:
Type: "AWS::CloudFront::Distribution"
Properties:
......@@ -139,7 +117,7 @@ Resources:
S3OriginConfig:
OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${CloudFrontOriginIdentity}"
Aliases:
- !Join ['.', [!Ref DomainPrefix, !Ref DomainName]]
- !Ref DomainName
CustomErrorResponses:
- ErrorCachingMinTTL: 300
ErrorCode: 403
......@@ -164,9 +142,7 @@ Resources:
AcmCertificateArn: !Ref CertificateArn
MinimumProtocolVersion: TLSv1.1_2016
SslSupportMethod: sni-only
WebACLId:
- !Ref ACL
- !Ref "AWS::NoValue"
WebACLId: !Ref ACL
Tags:
- Key: Application
Value: !Ref DomainName
......@@ -176,6 +152,3 @@ Resources:
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: "origin identity"
Tags:
- Key: Application
Value: !Ref DomainName
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment