diff --git a/package.json b/package.json index ffd8a5e..e0ad6b8 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,7 @@ "@antfu/eslint-config": "^3.8.0", "@types/jest": "^29.5.14", "@types/js-yaml": "^4.0.9", - "@types/node": "22.8.4", + "@types/node": "22.8.5", "@typescript-eslint/eslint-plugin": "^8.12.2", "@typescript-eslint/parser": "^8.12.2", "aws-cdk": "2.164.1", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 49f89f4..529f8a0 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -34,8 +34,8 @@ importers: specifier: ^4.0.9 version: 4.0.9 '@types/node': - specifier: 22.8.4 - version: 22.8.4 + specifier: 22.8.5 + version: 22.8.5 '@typescript-eslint/eslint-plugin': specifier: ^8.12.2 version: 8.12.2(@typescript-eslint/parser@8.12.2(eslint@9.13.0)(typescript@5.6.3))(eslint@9.13.0)(typescript@5.6.3) @@ -53,13 +53,13 @@ importers: version: 2.31.0(@typescript-eslint/parser@8.12.2(eslint@9.13.0)(typescript@5.6.3))(eslint@9.13.0) jest: specifier: ^29.7.0 - version: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + version: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) ts-jest: specifier: ^29.2.5 - version: 29.2.5(@babel/core@7.26.0)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.26.0))(jest@29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)))(typescript@5.6.3) + version: 29.2.5(@babel/core@7.26.0)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.26.0))(jest@29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)))(typescript@5.6.3) ts-node: specifier: ^10.9.2 - version: 10.9.2(@types/node@22.8.4)(typescript@5.6.3) + version: 10.9.2(@types/node@22.8.5)(typescript@5.6.3) typescript: specifier: ~5.6.3 version: 5.6.3 @@ -576,8 +576,8 @@ packages: '@types/ms@0.7.34': resolution: {integrity: sha512-nG96G3Wp6acyAgJqGasjODb+acrI7KltPiRxzHPXnP3NgI28bpQDRv53olbqGXbfcgF5aiiHmO3xpwEpS5Ld9g==} - '@types/node@22.8.4': - resolution: {integrity: sha512-SpNNxkftTJOPk0oN+y2bIqurEXHTA2AOZ3EJDDKeJ5VzkvvORSvmQXGQarcOzWV1ac7DCaPBEdMDxBsM+d8jWw==} + '@types/node@22.8.5': + resolution: {integrity: sha512-5iYk6AMPtsMbkZqCO1UGF9W5L38twq11S2pYWkybGHH2ogPUvXWNlQqJBzuEZWKj/WRH+QTeiv6ySWqJtvIEgA==} '@types/normalize-package-data@2.4.4': resolution: {integrity: sha512-37i+OaWTh9qeK4LSHPsyRC7NahnGotNuZvjLSgcPzblpHB3rrCJxAOgI5gCdKm7coonsaX1Of0ILiTcnZjbfxA==} @@ -859,8 +859,8 @@ packages: resolution: {integrity: sha512-Gmy6FhYlCY7uOElZUSbxo2UCDH8owEk996gkbrpsgGtrJLM3J7jGxl9Ic7Qwwj4ivOE5AWZWRMecDdF7hqGjFA==} engines: {node: '>=10'} - caniuse-lite@1.0.30001675: - resolution: {integrity: sha512-/wV1bQwPrkLiQMjaJF5yUMVM/VdRPOCU8QZ+PmG6uW6DvYSrNY1bpwHI/3mOcUosLaJCzYDi5o91IQB51ft6cg==} + caniuse-lite@1.0.30001676: + resolution: {integrity: sha512-Qz6zwGCiPghQXGJvgQAem79esjitvJ+CxSbSQkW9H/UX5hg8XM88d4lp2W+MEQ81j+Hip58Il+jGVdazk1z9cw==} ccount@2.0.1: resolution: {integrity: sha512-eyrF0jiFpY+3drT6383f1qhkbGsLSifNAjA61IUjZjmLCWjItY6LB9ft9YhoDgwfmclB2zhu51Lc7+95b8NRAg==} @@ -1252,8 +1252,8 @@ packages: peerDependencies: eslint: ^6.2.0 || ^7.0.0 || ^8.0.0 || ^9.0.0 - eslint-plugin-yml@1.14.0: - resolution: {integrity: sha512-ESUpgYPOcAYQO9czugcX5OqRvn/ydDVwGCPXY4YjPqc09rHaUVUA6IE6HLQys4rXk/S+qx3EwTd1wHCwam/OWQ==} + eslint-plugin-yml@1.15.0: + resolution: {integrity: sha512-leC8APYVOsKyWUlvRwVhewytK5wS70BfMqIaUplFstRfzCoVp0YoEroV4cUEvQrBj93tQ3M9LcjO/ewr6D4kjA==} engines: {node: ^14.17.0 || >=16.0.0} peerDependencies: eslint: '>=6.0.0' @@ -2750,7 +2750,7 @@ snapshots: eslint-plugin-unicorn: 56.0.0(eslint@9.13.0) eslint-plugin-unused-imports: 4.1.4(@typescript-eslint/eslint-plugin@8.12.2(@typescript-eslint/parser@8.12.2(eslint@9.13.0)(typescript@5.6.3))(eslint@9.13.0)(typescript@5.6.3))(eslint@9.13.0) eslint-plugin-vue: 9.30.0(eslint@9.13.0) - eslint-plugin-yml: 1.14.0(eslint@9.13.0) + eslint-plugin-yml: 1.15.0(eslint@9.13.0) eslint-processor-vue-blocks: 0.1.2(@vue/compiler-sfc@3.5.12)(eslint@9.13.0) globals: 15.11.0 jsonc-eslint-parser: 2.4.0 @@ -3080,27 +3080,27 @@ snapshots: '@jest/console@29.7.0': dependencies: '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 chalk: 4.1.2 jest-message-util: 29.7.0 jest-util: 29.7.0 slash: 3.0.0 - '@jest/core@29.7.0(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3))': + '@jest/core@29.7.0(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3))': dependencies: '@jest/console': 29.7.0 '@jest/reporters': 29.7.0 '@jest/test-result': 29.7.0 '@jest/transform': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 ansi-escapes: 4.3.2 chalk: 4.1.2 ci-info: 3.9.0 exit: 0.1.2 graceful-fs: 4.2.11 jest-changed-files: 29.7.0 - jest-config: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + jest-config: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) jest-haste-map: 29.7.0 jest-message-util: 29.7.0 jest-regex-util: 29.6.3 @@ -3125,7 +3125,7 @@ snapshots: dependencies: '@jest/fake-timers': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 jest-mock: 29.7.0 '@jest/expect-utils@29.7.0': @@ -3143,7 +3143,7 @@ snapshots: dependencies: '@jest/types': 29.6.3 '@sinonjs/fake-timers': 10.3.0 - '@types/node': 22.8.4 + '@types/node': 22.8.5 jest-message-util: 29.7.0 jest-mock: 29.7.0 jest-util: 29.7.0 @@ -3165,7 +3165,7 @@ snapshots: '@jest/transform': 29.7.0 '@jest/types': 29.6.3 '@jridgewell/trace-mapping': 0.3.25 - '@types/node': 22.8.4 + '@types/node': 22.8.5 chalk: 4.1.2 collect-v8-coverage: 1.0.2 exit: 0.1.2 @@ -3235,7 +3235,7 @@ snapshots: '@jest/schemas': 29.6.3 '@types/istanbul-lib-coverage': 2.0.6 '@types/istanbul-reports': 3.0.4 - '@types/node': 22.8.4 + '@types/node': 22.8.5 '@types/yargs': 17.0.33 chalk: 4.1.2 @@ -3336,7 +3336,7 @@ snapshots: '@types/graceful-fs@4.1.9': dependencies: - '@types/node': 22.8.4 + '@types/node': 22.8.5 '@types/istanbul-lib-coverage@2.0.6': {} @@ -3365,7 +3365,7 @@ snapshots: '@types/ms@0.7.34': {} - '@types/node@22.8.4': + '@types/node@22.8.5': dependencies: undici-types: 6.19.8 @@ -3685,7 +3685,7 @@ snapshots: browserslist@4.24.2: dependencies: - caniuse-lite: 1.0.30001675 + caniuse-lite: 1.0.30001676 electron-to-chromium: 1.5.49 node-releases: 2.0.18 update-browserslist-db: 1.1.1(browserslist@4.24.2) @@ -3716,7 +3716,7 @@ snapshots: camelcase@6.3.0: {} - caniuse-lite@1.0.30001675: {} + caniuse-lite@1.0.30001676: {} ccount@2.0.1: {} @@ -3769,13 +3769,13 @@ snapshots: dependencies: browserslist: 4.24.2 - create-jest@29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)): + create-jest@29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)): dependencies: '@jest/types': 29.6.3 chalk: 4.1.2 exit: 0.1.2 graceful-fs: 4.2.11 - jest-config: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + jest-config: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) jest-util: 29.7.0 prompts: 2.4.2 transitivePeerDependencies: @@ -4186,7 +4186,7 @@ snapshots: transitivePeerDependencies: - supports-color - eslint-plugin-yml@1.14.0(eslint@9.13.0): + eslint-plugin-yml@1.15.0(eslint@9.13.0): dependencies: debug: 4.3.7 eslint: 9.13.0 @@ -4646,7 +4646,7 @@ snapshots: '@jest/expect': 29.7.0 '@jest/test-result': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 chalk: 4.1.2 co: 4.6.0 dedent: 1.5.3 @@ -4666,16 +4666,16 @@ snapshots: - babel-plugin-macros - supports-color - jest-cli@29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)): + jest-cli@29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)): dependencies: - '@jest/core': 29.7.0(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + '@jest/core': 29.7.0(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) '@jest/test-result': 29.7.0 '@jest/types': 29.6.3 chalk: 4.1.2 - create-jest: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + create-jest: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) exit: 0.1.2 import-local: 3.2.0 - jest-config: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + jest-config: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) jest-util: 29.7.0 jest-validate: 29.7.0 yargs: 17.7.2 @@ -4685,7 +4685,7 @@ snapshots: - supports-color - ts-node - jest-config@29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)): + jest-config@29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)): dependencies: '@babel/core': 7.26.0 '@jest/test-sequencer': 29.7.0 @@ -4710,8 +4710,8 @@ snapshots: slash: 3.0.0 strip-json-comments: 3.1.1 optionalDependencies: - '@types/node': 22.8.4 - ts-node: 10.9.2(@types/node@22.8.4)(typescript@5.6.3) + '@types/node': 22.8.5 + ts-node: 10.9.2(@types/node@22.8.5)(typescript@5.6.3) transitivePeerDependencies: - babel-plugin-macros - supports-color @@ -4740,7 +4740,7 @@ snapshots: '@jest/environment': 29.7.0 '@jest/fake-timers': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 jest-mock: 29.7.0 jest-util: 29.7.0 @@ -4750,7 +4750,7 @@ snapshots: dependencies: '@jest/types': 29.6.3 '@types/graceful-fs': 4.1.9 - '@types/node': 22.8.4 + '@types/node': 22.8.5 anymatch: 3.1.3 fb-watchman: 2.0.2 graceful-fs: 4.2.11 @@ -4789,7 +4789,7 @@ snapshots: jest-mock@29.7.0: dependencies: '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 jest-util: 29.7.0 jest-pnp-resolver@1.2.3(jest-resolve@29.7.0): @@ -4824,7 +4824,7 @@ snapshots: '@jest/test-result': 29.7.0 '@jest/transform': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 chalk: 4.1.2 emittery: 0.13.1 graceful-fs: 4.2.11 @@ -4852,7 +4852,7 @@ snapshots: '@jest/test-result': 29.7.0 '@jest/transform': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 chalk: 4.1.2 cjs-module-lexer: 1.4.1 collect-v8-coverage: 1.0.2 @@ -4898,7 +4898,7 @@ snapshots: jest-util@29.7.0: dependencies: '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 chalk: 4.1.2 ci-info: 3.9.0 graceful-fs: 4.2.11 @@ -4917,7 +4917,7 @@ snapshots: dependencies: '@jest/test-result': 29.7.0 '@jest/types': 29.6.3 - '@types/node': 22.8.4 + '@types/node': 22.8.5 ansi-escapes: 4.3.2 chalk: 4.1.2 emittery: 0.13.1 @@ -4926,17 +4926,17 @@ snapshots: jest-worker@29.7.0: dependencies: - '@types/node': 22.8.4 + '@types/node': 22.8.5 jest-util: 29.7.0 merge-stream: 2.0.0 supports-color: 8.1.1 - jest@29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)): + jest@29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)): dependencies: - '@jest/core': 29.7.0(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + '@jest/core': 29.7.0(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) '@jest/types': 29.6.3 import-local: 3.2.0 - jest-cli: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + jest-cli: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) transitivePeerDependencies: - '@types/node' - babel-plugin-macros @@ -5802,12 +5802,12 @@ snapshots: dependencies: typescript: 5.6.3 - ts-jest@29.2.5(@babel/core@7.26.0)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.26.0))(jest@29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)))(typescript@5.6.3): + ts-jest@29.2.5(@babel/core@7.26.0)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.26.0))(jest@29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)))(typescript@5.6.3): dependencies: bs-logger: 0.2.6 ejs: 3.1.10 fast-json-stable-stringify: 2.1.0 - jest: 29.7.0(@types/node@22.8.4)(ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3)) + jest: 29.7.0(@types/node@22.8.5)(ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3)) jest-util: 29.7.0 json5: 2.2.3 lodash.memoize: 4.1.2 @@ -5821,14 +5821,14 @@ snapshots: '@jest/types': 29.6.3 babel-jest: 29.7.0(@babel/core@7.26.0) - ts-node@10.9.2(@types/node@22.8.4)(typescript@5.6.3): + ts-node@10.9.2(@types/node@22.8.5)(typescript@5.6.3): dependencies: '@cspotcode/source-map-support': 0.8.1 '@tsconfig/node10': 1.0.11 '@tsconfig/node12': 1.0.11 '@tsconfig/node14': 1.0.3 '@tsconfig/node16': 1.0.4 - '@types/node': 22.8.4 + '@types/node': 22.8.5 acorn: 8.14.0 acorn-walk: 8.3.4 arg: 4.1.3 diff --git a/test/__snapshots__/p6-sites.test.ts.snap b/test/__snapshots__/p6-sites.test.ts.snap index cbdb638..df6c9d3 100644 --- a/test/__snapshots__/p6-sites.test.ts.snap +++ b/test/__snapshots__/p6-sites.test.ts.snap @@ -20,7 +20,82 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, }, "Resources": { - "continuouslearningioCloudfrontDnsRecordDAFF22EC": { + "continuouslearningioCachePolicyECFEC64F": { + "Properties": { + "CachePolicyConfig": { + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "MinTTL": 0, + "Name": "p6sitescontinuouslearningioCachePolicyB244DA01-us-east-1", + "ParametersInCacheKeyAndForwardedToOrigin": { + "CookiesConfig": { + "CookieBehavior": "none", + }, + "EnableAcceptEncodingBrotli": true, + "EnableAcceptEncodingGzip": true, + "HeadersConfig": { + "HeaderBehavior": "none", + }, + "QueryStringsConfig": { + "QueryStringBehavior": "none", + }, + }, + }, + }, + "Type": "AWS::CloudFront::CachePolicy", + }, + "continuouslearningioCertificateED1D1BBA": { + "Properties": { + "DomainName": "continuouslearning.io", + "DomainValidationOptions": [ + { + "DomainName": "continuouslearning.io", + "ValidationDomain": "continuouslearning.io", + }, + { + "DomainName": "www.continuouslearning.io", + "ValidationDomain": "continuouslearning.io", + }, + ], + "SubjectAlternativeNames": [ + "www.continuouslearning.io", + ], + "Tags": [ + { + "Key": "Name", + "Value": "p6-sites/continuouslearning.io/Certificate", + }, + ], + "ValidationMethod": "EMAIL", + }, + "Type": "AWS::CertificateManager::Certificate", + }, + "continuouslearningioCloudfrontDnsRecordAAAAWWWF8A3B813": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "continuouslearningioDistributionC3C43B77", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.continuouslearning.io.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "continuouslearningioCloudfrontDnsRecordWWWC09E3116": { "Properties": { "AliasTarget": { "DNSName": { @@ -49,22 +124,35 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "Properties": { "DistributionConfig": { "Aliases": [ + "continuouslearning.io", "www.continuouslearning.io", ], + "Comment": "www.continuouslearning.io", "DefaultCacheBehavior": { "AllowedMethods": [ "GET", "HEAD", - "OPTIONS", ], - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", + "CachePolicyId": { + "Ref": "continuouslearningioCachePolicyECFEC64F", + }, "Compress": true, "TargetOriginId": "p6sitescontinuouslearningioDistributionOrigin1C8AA5C42", - "ViewerProtocolPolicy": "allow-all", + "ViewerProtocolPolicy": "redirect-to-https", }, + "DefaultRootObject": "index.html", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "continuouslearningioLogBucketB21C6240", + "RegionalDomainName", + ], + }, + "IncludeCookies": true, + }, "Origins": [ { "CustomOriginConfig": { @@ -92,9 +180,10 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "Id": "p6sitescontinuouslearningioDistributionOrigin1C8AA5C42", }, ], + "PriceClass": "PriceClass_100", "ViewerCertificate": { "AcmCertificateArn": { - "Ref": "continuouslearningioWWWCertificate4CC76E92", + "Ref": "continuouslearningioCertificateED1D1BBA", }, "MinimumProtocolVersion": "TLSv1.2_2021", "SslSupportMethod": "sni-only", @@ -103,6 +192,89 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::CloudFront::Distribution", }, + "continuouslearningioLogBucketB21C6240": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256", + }, + }, + ], + }, + "OwnershipControls": { + "Rules": [ + { + "ObjectOwnership": "ObjectWriter", + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "continuouslearningioLogBucketPolicyF4EEE7DE": { + "Properties": { + "Bucket": { + "Ref": "continuouslearningioLogBucketB21C6240", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:PutObject", + "Condition": { + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:aws:cloudfront::", + { + "Ref": "AWS::AccountId", + }, + ":distribution/*", + ], + ], + }, + }, + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId", + }, + }, + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com", + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "continuouslearningioLogBucketB21C6240", + "Arn", + ], + }, + "/*", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, "continuouslearningioMyBucket9B29BDA5": { "DeletionPolicy": "Delete", "Properties": { @@ -143,25 +315,42 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "PolicyDocument": { "Statement": [ { - "Action": "s3:GetObject", + "Action": [ + "s3:GetObject*", + "s3:GetBucket*", + "s3:List*", + ], "Effect": "Allow", "Principal": { - "AWS": "*", - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "continuouslearningioMyBucket9B29BDA5", - "Arn", - ], - }, - "/*", + "CanonicalUser": { + "Fn::GetAtt": [ + "continuouslearningioOAIB68EE4F4", + "S3CanonicalUserId", ], - ], + }, }, + "Resource": [ + { + "Fn::GetAtt": [ + "continuouslearningioMyBucket9B29BDA5", + "Arn", + ], + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "continuouslearningioMyBucket9B29BDA5", + "Arn", + ], + }, + "/*", + ], + ], + }, + ], }, ], "Version": "2012-10-17", @@ -177,31 +366,37 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", }, - "continuouslearningioWWWCertificate4CC76E92": { + "continuouslearningioRedirectRedirectAliasRecord7fb9bf82E36129": { "Properties": { - "DomainName": "www.continuouslearning.io", - "DomainValidationOptions": [ - { - "DomainName": "www.continuouslearning.io", - "ValidationDomain": "continuouslearning.io", + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "continuouslearningioRedirectRedirectDistributionCFDistribution4BDD8B07", + "DomainName", + ], }, - ], - "Tags": [ - { - "Key": "Name", - "Value": "p6-sites/continuouslearning.io/WWW-Certificate", + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], }, - ], - "ValidationMethod": "EMAIL", + }, + "HostedZoneId": "DUMMY", + "Name": "continuouslearning.io.", + "Type": "A", }, - "Type": "AWS::CertificateManager::Certificate", + "Type": "AWS::Route53::RecordSet", }, - "continuouslearningtrainingCloudfrontDnsRecordCF1BD7B4": { + "continuouslearningioRedirectRedirectAliasRecordSix7fb9bf7500E878": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ - "continuouslearningtrainingDistribution8DA11F2F", + "continuouslearningioRedirectRedirectDistributionCFDistribution4BDD8B07", "DomainName", ], }, @@ -216,35 +411,205 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, }, "HostedZoneId": "DUMMY", - "Name": "www.continuouslearning.training.", - "Type": "A", + "Name": "continuouslearning.io.", + "Type": "AAAA", }, "Type": "AWS::Route53::RecordSet", }, - "continuouslearningtrainingDistribution8DA11F2F": { + "continuouslearningioRedirectRedirectBucket94C43DDD": { + "DeletionPolicy": "Delete", + "Properties": { + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true, + }, + "WebsiteConfiguration": { + "RedirectAllRequestsTo": { + "HostName": "www.continuouslearning.io", + "Protocol": "https", + }, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionF9BBC8EA": { + "DependsOn": [ + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyE30425C8", + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDE8CD042", + ], + "Properties": { + "Code": { + "S3Bucket": "cdk-hnb659fds-assets-346733622331-us-east-1", + "S3Key": "b073cebcf4d61fb152a30f5a5e57a94df7f980a549fdf1a79a0b18c5750522d8.zip", + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDE8CD042", + "Arn", + ], + }, + "Runtime": "nodejs20.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDE8CD042": { + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyE30425C8": { + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate", + "acm:AddTagsToCertificate", + ], + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:changeResourceRecordSets", + "Condition": { + "ForAllValues:StringEquals": { + "route53:ChangeResourceRecordSetsActions": [ + "UPSERT", + ], + "route53:ChangeResourceRecordSetsRecordTypes": [ + "CNAME", + ], + }, + "ForAllValues:StringLike": { + "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ + "*.continuouslearning.io", + "*.continuouslearning.io", + ], + }, + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":route53:::hostedzone/DUMMY", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyE30425C8", + "Roles": [ + { + "Ref": "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDE8CD042", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "continuouslearningioRedirectRedirectCertificateCertificateRequestorResource52152C07": { + "DeletionPolicy": "Delete", + "Properties": { + "DomainName": "continuouslearning.io", + "HostedZoneId": "DUMMY", + "Region": "us-east-1", + "ServiceToken": { + "Fn::GetAtt": [ + "continuouslearningioRedirectRedirectCertificateCertificateRequestorFunctionF9BBC8EA", + "Arn", + ], + }, + "SubjectAlternativeNames": [ + "continuouslearning.io", + ], + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "continuouslearningioRedirectRedirectDistributionCFDistribution4BDD8B07": { "Properties": { "DistributionConfig": { "Aliases": [ - "www.continuouslearning.training", + "continuouslearning.io", ], + "Comment": "Redirect to www.continuouslearning.io from continuouslearning.io", "DefaultCacheBehavior": { "AllowedMethods": [ "GET", "HEAD", - "OPTIONS", ], - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", + "CachedMethods": [ + "GET", + "HEAD", + ], "Compress": true, - "TargetOriginId": "p6sitescontinuouslearningtrainingDistributionOrigin1AB1EEF81", - "ViewerProtocolPolicy": "allow-all", + "ForwardedValues": { + "Cookies": { + "Forward": "none", + }, + "QueryString": false, + }, + "TargetOriginId": "origin1", + "ViewerProtocolPolicy": "redirect-to-https", }, + "DefaultRootObject": "", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, "Origins": [ { + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, "CustomOriginConfig": { + "HTTPPort": 80, + "HTTPSPort": 443, + "OriginKeepaliveTimeout": 5, "OriginProtocolPolicy": "http-only", + "OriginReadTimeout": 30, "OriginSSLProtocols": [ "TLSv1.2", ], @@ -257,7 +622,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "/", { "Fn::GetAtt": [ - "continuouslearningtrainingMyBucketEA27A10F", + "continuouslearningioRedirectRedirectBucket94C43DDD", "WebsiteURL", ], }, @@ -265,119 +630,79 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, ], }, - "Id": "p6sitescontinuouslearningtrainingDistributionOrigin1AB1EEF81", + "Id": "origin1", }, ], + "PriceClass": "PriceClass_All", "ViewerCertificate": { "AcmCertificateArn": { - "Ref": "continuouslearningtrainingWWWCertificateDF178687", + "Fn::GetAtt": [ + "continuouslearningioRedirectRedirectCertificateCertificateRequestorResource52152C07", + "Arn", + ], }, - "MinimumProtocolVersion": "TLSv1.2_2021", "SslSupportMethod": "sni-only", }, }, }, "Type": "AWS::CloudFront::Distribution", }, - "continuouslearningtrainingMyBucketEA27A10F": { - "DeletionPolicy": "Delete", + "continuouslearningtrainingCachePolicy13B2A610": { "Properties": { - "AccessControl": "BucketOwnerFullControl", - "CorsConfiguration": { - "CorsRules": [ - { - "AllowedHeaders": [ - "*", - ], - "AllowedMethods": [ - "GET", - "PUT", - ], - "AllowedOrigins": [ - "*", - ], - "MaxAge": 3000, + "CachePolicyConfig": { + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "MinTTL": 0, + "Name": "p6sitescontinuouslearningtrainingCachePolicyB92EB763-us-east-1", + "ParametersInCacheKeyAndForwardedToOrigin": { + "CookiesConfig": { + "CookieBehavior": "none", }, - ], - }, - "PublicAccessBlockConfiguration": { - "BlockPublicAcls": true, - "IgnorePublicAcls": true, - }, - "WebsiteConfiguration": { - "IndexDocument": "index.html", - }, - }, - "Type": "AWS::S3::Bucket", - "UpdateReplacePolicy": "Delete", - }, - "continuouslearningtrainingMyBucketPolicyA768D13A": { - "Properties": { - "Bucket": { - "Ref": "continuouslearningtrainingMyBucketEA27A10F", - }, - "PolicyDocument": { - "Statement": [ - { - "Action": "s3:GetObject", - "Effect": "Allow", - "Principal": { - "AWS": "*", - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "continuouslearningtrainingMyBucketEA27A10F", - "Arn", - ], - }, - "/*", - ], - ], - }, + "EnableAcceptEncodingBrotli": true, + "EnableAcceptEncodingGzip": true, + "HeadersConfig": { + "HeaderBehavior": "none", }, - ], - "Version": "2012-10-17", - }, - }, - "Type": "AWS::S3::BucketPolicy", - }, - "continuouslearningtrainingOAIA672E8A6": { - "Properties": { - "CloudFrontOriginAccessIdentityConfig": { - "Comment": "Allows CloudFront to reach the bucket", + "QueryStringsConfig": { + "QueryStringBehavior": "none", + }, + }, }, }, - "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + "Type": "AWS::CloudFront::CachePolicy", }, - "continuouslearningtrainingWWWCertificateDF178687": { + "continuouslearningtrainingCertificate82494084": { "Properties": { - "DomainName": "www.continuouslearning.training", + "DomainName": "continuouslearning.training", "DomainValidationOptions": [ + { + "DomainName": "continuouslearning.training", + "ValidationDomain": "continuouslearning.training", + }, { "DomainName": "www.continuouslearning.training", "ValidationDomain": "continuouslearning.training", }, ], + "SubjectAlternativeNames": [ + "www.continuouslearning.training", + ], "Tags": [ { "Key": "Name", - "Value": "p6-sites/continuouslearning.training/WWW-Certificate", + "Value": "p6-sites/continuouslearning.training/Certificate", }, ], "ValidationMethod": "EMAIL", }, "Type": "AWS::CertificateManager::Certificate", }, - "gollucciinfoCloudfrontDnsRecord73B6BDFA": { + "continuouslearningtrainingCloudfrontDnsRecordAAAAWWWC88D29B7": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ - "gollucciinfoDistribution2DF96552", + "continuouslearningtrainingDistribution8DA11F2F", "DomainName", ], }, @@ -392,31 +717,69 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, }, "HostedZoneId": "DUMMY", - "Name": "www.gollucci.info.", + "Name": "www.continuouslearning.training.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "continuouslearningtrainingCloudfrontDnsRecordWWWE430E623": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "continuouslearningtrainingDistribution8DA11F2F", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.continuouslearning.training.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, - "gollucciinfoDistribution2DF96552": { + "continuouslearningtrainingDistribution8DA11F2F": { "Properties": { "DistributionConfig": { "Aliases": [ - "www.gollucci.info", + "continuouslearning.training", + "www.continuouslearning.training", ], + "Comment": "www.continuouslearning.training", "DefaultCacheBehavior": { "AllowedMethods": [ "GET", "HEAD", - "OPTIONS", ], - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", + "CachePolicyId": { + "Ref": "continuouslearningtrainingCachePolicy13B2A610", + }, "Compress": true, - "TargetOriginId": "p6sitesgollucciinfoDistributionOrigin1D03A0A00", - "ViewerProtocolPolicy": "allow-all", + "TargetOriginId": "p6sitescontinuouslearningtrainingDistributionOrigin1AB1EEF81", + "ViewerProtocolPolicy": "redirect-to-https", }, + "DefaultRootObject": "index.html", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "continuouslearningtrainingLogBucket1D0B7978", + "RegionalDomainName", + ], + }, + "IncludeCookies": true, + }, "Origins": [ { "CustomOriginConfig": { @@ -433,7 +796,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "/", { "Fn::GetAtt": [ - "gollucciinfoMyBucketCE279C32", + "continuouslearningtrainingMyBucketEA27A10F", "WebsiteURL", ], }, @@ -441,12 +804,13 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, ], }, - "Id": "p6sitesgollucciinfoDistributionOrigin1D03A0A00", + "Id": "p6sitescontinuouslearningtrainingDistributionOrigin1AB1EEF81", }, ], + "PriceClass": "PriceClass_100", "ViewerCertificate": { "AcmCertificateArn": { - "Ref": "gollucciinfoWWWCertificateAF1BDF1C", + "Ref": "continuouslearningtrainingCertificate82494084", }, "MinimumProtocolVersion": "TLSv1.2_2021", "SslSupportMethod": "sni-only", @@ -455,24 +819,23 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::CloudFront::Distribution", }, - "gollucciinfoMyBucketCE279C32": { + "continuouslearningtrainingLogBucket1D0B7978": { "DeletionPolicy": "Delete", "Properties": { - "AccessControl": "BucketOwnerFullControl", - "CorsConfiguration": { - "CorsRules": [ + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ { - "AllowedHeaders": [ - "*", - ], - "AllowedMethods": [ - "GET", - "PUT", - ], - "AllowedOrigins": [ - "*", - ], - "MaxAge": 3000, + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256", + }, + }, + ], + }, + "OwnershipControls": { + "Rules": [ + { + "ObjectOwnership": "ObjectWriter", }, ], }, @@ -480,25 +843,43 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "BlockPublicAcls": true, "IgnorePublicAcls": true, }, - "WebsiteConfiguration": { - "IndexDocument": "index.html", - }, }, "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, - "gollucciinfoMyBucketPolicy14D907C5": { + "continuouslearningtrainingLogBucketPolicy569428A5": { "Properties": { "Bucket": { - "Ref": "gollucciinfoMyBucketCE279C32", + "Ref": "continuouslearningtrainingLogBucket1D0B7978", }, "PolicyDocument": { "Statement": [ { - "Action": "s3:GetObject", + "Action": "s3:PutObject", + "Condition": { + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:aws:cloudfront::", + { + "Ref": "AWS::AccountId", + }, + ":distribution/*", + ], + ], + }, + }, + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId", + }, + }, + }, "Effect": "Allow", "Principal": { - "AWS": "*", + "Service": "delivery.logs.amazonaws.com", }, "Resource": { "Fn::Join": [ @@ -506,7 +887,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ [ { "Fn::GetAtt": [ - "gollucciinfoMyBucketCE279C32", + "continuouslearningtrainingLogBucket1D0B7978", "Arn", ], }, @@ -521,117 +902,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::S3::BucketPolicy", }, - "gollucciinfoOAIB014D255": { - "Properties": { - "CloudFrontOriginAccessIdentityConfig": { - "Comment": "Allows CloudFront to reach the bucket", - }, - }, - "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", - }, - "gollucciinfoWWWCertificateAF1BDF1C": { - "Properties": { - "DomainName": "www.gollucci.info", - "DomainValidationOptions": [ - { - "DomainName": "www.gollucci.info", - "ValidationDomain": "gollucci.info", - }, - ], - "Tags": [ - { - "Key": "Name", - "Value": "p6-sites/gollucci.info/WWW-Certificate", - }, - ], - "ValidationMethod": "EMAIL", - }, - "Type": "AWS::CertificateManager::Certificate", - }, - "gollucciioCloudfrontDnsRecord85140576": { - "Properties": { - "AliasTarget": { - "DNSName": { - "Fn::GetAtt": [ - "gollucciioDistribution4D09EAB0", - "DomainName", - ], - }, - "HostedZoneId": { - "Fn::FindInMap": [ - "AWSCloudFrontPartitionHostedZoneIdMap", - { - "Ref": "AWS::Partition", - }, - "zoneId", - ], - }, - }, - "HostedZoneId": "DUMMY", - "Name": "www.gollucci.io.", - "Type": "A", - }, - "Type": "AWS::Route53::RecordSet", - }, - "gollucciioDistribution4D09EAB0": { - "Properties": { - "DistributionConfig": { - "Aliases": [ - "www.gollucci.io", - ], - "DefaultCacheBehavior": { - "AllowedMethods": [ - "GET", - "HEAD", - "OPTIONS", - ], - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", - "Compress": true, - "TargetOriginId": "p6sitesgollucciioDistributionOrigin149C1ED9E", - "ViewerProtocolPolicy": "allow-all", - }, - "Enabled": true, - "HttpVersion": "http2", - "IPV6Enabled": true, - "Origins": [ - { - "CustomOriginConfig": { - "OriginProtocolPolicy": "http-only", - "OriginSSLProtocols": [ - "TLSv1.2", - ], - }, - "DomainName": { - "Fn::Select": [ - 2, - { - "Fn::Split": [ - "/", - { - "Fn::GetAtt": [ - "gollucciioMyBucket1B79BDF2", - "WebsiteURL", - ], - }, - ], - }, - ], - }, - "Id": "p6sitesgollucciioDistributionOrigin149C1ED9E", - }, - ], - "ViewerCertificate": { - "AcmCertificateArn": { - "Ref": "gollucciioWWWCertificate4F81E00D", - }, - "MinimumProtocolVersion": "TLSv1.2_2021", - "SslSupportMethod": "sni-only", - }, - }, - }, - "Type": "AWS::CloudFront::Distribution", - }, - "gollucciioMyBucket1B79BDF2": { + "continuouslearningtrainingMyBucketEA27A10F": { "DeletionPolicy": "Delete", "Properties": { "AccessControl": "BucketOwnerFullControl", @@ -663,33 +934,50 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "Type": "AWS::S3::Bucket", "UpdateReplacePolicy": "Delete", }, - "gollucciioMyBucketPolicy41E7DDB6": { + "continuouslearningtrainingMyBucketPolicyA768D13A": { "Properties": { "Bucket": { - "Ref": "gollucciioMyBucket1B79BDF2", + "Ref": "continuouslearningtrainingMyBucketEA27A10F", }, "PolicyDocument": { "Statement": [ { - "Action": "s3:GetObject", + "Action": [ + "s3:GetObject*", + "s3:GetBucket*", + "s3:List*", + ], "Effect": "Allow", "Principal": { - "AWS": "*", + "CanonicalUser": { + "Fn::GetAtt": [ + "continuouslearningtrainingOAIA672E8A6", + "S3CanonicalUserId", + ], + }, }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "gollucciioMyBucket1B79BDF2", - "Arn", - ], - }, - "/*", + "Resource": [ + { + "Fn::GetAtt": [ + "continuouslearningtrainingMyBucketEA27A10F", + "Arn", ], - ], - }, + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "continuouslearningtrainingMyBucketEA27A10F", + "Arn", + ], + }, + "/*", + ], + ], + }, + ], }, ], "Version": "2012-10-17", @@ -697,7 +985,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::S3::BucketPolicy", }, - "gollucciioOAI79A047F2": { + "continuouslearningtrainingOAIA672E8A6": { "Properties": { "CloudFrontOriginAccessIdentityConfig": { "Comment": "Allows CloudFront to reach the bucket", @@ -705,31 +993,37 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", }, - "gollucciioWWWCertificate4F81E00D": { + "continuouslearningtrainingRedirectRedirectAliasRecord583f4fBE6419A9": { "Properties": { - "DomainName": "www.gollucci.io", - "DomainValidationOptions": [ - { - "DomainName": "www.gollucci.io", - "ValidationDomain": "gollucci.io", + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "continuouslearningtrainingRedirectRedirectDistributionCFDistribution37D8C772", + "DomainName", + ], }, - ], - "Tags": [ - { - "Key": "Name", - "Value": "p6-sites/gollucci.io/WWW-Certificate", + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], }, - ], - "ValidationMethod": "EMAIL", + }, + "HostedZoneId": "DUMMY", + "Name": "continuouslearning.training.", + "Type": "A", }, - "Type": "AWS::CertificateManager::Certificate", + "Type": "AWS::Route53::RecordSet", }, - "gollucciusCloudfrontDnsRecord4FBE5EC8": { + "continuouslearningtrainingRedirectRedirectAliasRecordSix583f4f0D018FBE": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ - "gollucciusDistribution4E9FA363", + "continuouslearningtrainingRedirectRedirectDistributionCFDistribution37D8C772", "DomainName", ], }, @@ -744,35 +1038,205 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, }, "HostedZoneId": "DUMMY", - "Name": "www.gollucci.us.", - "Type": "A", + "Name": "continuouslearning.training.", + "Type": "AAAA", }, "Type": "AWS::Route53::RecordSet", }, - "gollucciusDistribution4E9FA363": { + "continuouslearningtrainingRedirectRedirectBucket46C30C3B": { + "DeletionPolicy": "Delete", + "Properties": { + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true, + }, + "WebsiteConfiguration": { + "RedirectAllRequestsTo": { + "HostName": "www.continuouslearning.training", + "Protocol": "https", + }, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunction4F7E12F8": { + "DependsOn": [ + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyCB301AAC", + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleEC62B53D", + ], + "Properties": { + "Code": { + "S3Bucket": "cdk-hnb659fds-assets-346733622331-us-east-1", + "S3Key": "b073cebcf4d61fb152a30f5a5e57a94df7f980a549fdf1a79a0b18c5750522d8.zip", + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleEC62B53D", + "Arn", + ], + }, + "Runtime": "nodejs20.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyCB301AAC": { + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate", + "acm:AddTagsToCertificate", + ], + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:changeResourceRecordSets", + "Condition": { + "ForAllValues:StringEquals": { + "route53:ChangeResourceRecordSetsActions": [ + "UPSERT", + ], + "route53:ChangeResourceRecordSetsRecordTypes": [ + "CNAME", + ], + }, + "ForAllValues:StringLike": { + "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ + "*.continuouslearning.training", + "*.continuouslearning.training", + ], + }, + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":route53:::hostedzone/DUMMY", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyCB301AAC", + "Roles": [ + { + "Ref": "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleEC62B53D", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleEC62B53D": { + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorResource65EDAA90": { + "DeletionPolicy": "Delete", + "Properties": { + "DomainName": "continuouslearning.training", + "HostedZoneId": "DUMMY", + "Region": "us-east-1", + "ServiceToken": { + "Fn::GetAtt": [ + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorFunction4F7E12F8", + "Arn", + ], + }, + "SubjectAlternativeNames": [ + "continuouslearning.training", + ], + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "continuouslearningtrainingRedirectRedirectDistributionCFDistribution37D8C772": { "Properties": { "DistributionConfig": { "Aliases": [ - "www.gollucci.us", + "continuouslearning.training", ], + "Comment": "Redirect to www.continuouslearning.training from continuouslearning.training", "DefaultCacheBehavior": { "AllowedMethods": [ "GET", "HEAD", - "OPTIONS", ], - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", + "CachedMethods": [ + "GET", + "HEAD", + ], "Compress": true, - "TargetOriginId": "p6sitesgollucciusDistributionOrigin105E0BDF6", - "ViewerProtocolPolicy": "allow-all", + "ForwardedValues": { + "Cookies": { + "Forward": "none", + }, + "QueryString": false, + }, + "TargetOriginId": "origin1", + "ViewerProtocolPolicy": "redirect-to-https", }, + "DefaultRootObject": "", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, "Origins": [ { + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, "CustomOriginConfig": { + "HTTPPort": 80, + "HTTPSPort": 443, + "OriginKeepaliveTimeout": 5, "OriginProtocolPolicy": "http-only", + "OriginReadTimeout": 30, "OriginSSLProtocols": [ "TLSv1.2", ], @@ -785,7 +1249,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "/", { "Fn::GetAtt": [ - "gollucciusMyBucket8AE21148", + "continuouslearningtrainingRedirectRedirectBucket46C30C3B", "WebsiteURL", ], }, @@ -793,119 +1257,79 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, ], }, - "Id": "p6sitesgollucciusDistributionOrigin105E0BDF6", + "Id": "origin1", }, ], + "PriceClass": "PriceClass_All", "ViewerCertificate": { "AcmCertificateArn": { - "Ref": "gollucciusWWWCertificate043C8065", + "Fn::GetAtt": [ + "continuouslearningtrainingRedirectRedirectCertificateCertificateRequestorResource65EDAA90", + "Arn", + ], }, - "MinimumProtocolVersion": "TLSv1.2_2021", "SslSupportMethod": "sni-only", }, }, }, "Type": "AWS::CloudFront::Distribution", }, - "gollucciusMyBucket8AE21148": { - "DeletionPolicy": "Delete", + "gollucciinfoCachePolicyD289AF8C": { "Properties": { - "AccessControl": "BucketOwnerFullControl", - "CorsConfiguration": { - "CorsRules": [ - { - "AllowedHeaders": [ - "*", - ], - "AllowedMethods": [ - "GET", - "PUT", - ], - "AllowedOrigins": [ - "*", - ], - "MaxAge": 3000, + "CachePolicyConfig": { + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "MinTTL": 0, + "Name": "p6sitesgollucciinfoCachePolicyEB870F93-us-east-1", + "ParametersInCacheKeyAndForwardedToOrigin": { + "CookiesConfig": { + "CookieBehavior": "none", }, - ], - }, - "PublicAccessBlockConfiguration": { - "BlockPublicAcls": true, - "IgnorePublicAcls": true, - }, - "WebsiteConfiguration": { - "IndexDocument": "index.html", - }, - }, - "Type": "AWS::S3::Bucket", - "UpdateReplacePolicy": "Delete", - }, - "gollucciusMyBucketPolicy6FC749FF": { - "Properties": { - "Bucket": { - "Ref": "gollucciusMyBucket8AE21148", - }, - "PolicyDocument": { - "Statement": [ - { - "Action": "s3:GetObject", - "Effect": "Allow", - "Principal": { - "AWS": "*", - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "gollucciusMyBucket8AE21148", - "Arn", - ], - }, - "/*", - ], - ], - }, + "EnableAcceptEncodingBrotli": true, + "EnableAcceptEncodingGzip": true, + "HeadersConfig": { + "HeaderBehavior": "none", }, - ], - "Version": "2012-10-17", - }, - }, - "Type": "AWS::S3::BucketPolicy", - }, - "gollucciusOAI2D431335": { - "Properties": { - "CloudFrontOriginAccessIdentityConfig": { - "Comment": "Allows CloudFront to reach the bucket", + "QueryStringsConfig": { + "QueryStringBehavior": "none", + }, + }, }, }, - "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + "Type": "AWS::CloudFront::CachePolicy", }, - "gollucciusWWWCertificate043C8065": { + "gollucciinfoCertificate0D3B88C0": { "Properties": { - "DomainName": "www.gollucci.us", + "DomainName": "gollucci.info", "DomainValidationOptions": [ { - "DomainName": "www.gollucci.us", - "ValidationDomain": "gollucci.us", + "DomainName": "gollucci.info", + "ValidationDomain": "gollucci.info", + }, + { + "DomainName": "www.gollucci.info", + "ValidationDomain": "gollucci.info", }, ], + "SubjectAlternativeNames": [ + "www.gollucci.info", + ], "Tags": [ { "Key": "Name", - "Value": "p6-sites/gollucci.us/WWW-Certificate", + "Value": "p6-sites/gollucci.info/Certificate", }, ], "ValidationMethod": "EMAIL", }, "Type": "AWS::CertificateManager::Certificate", }, - "p6m7g8orgCloudfrontDnsRecord3DF50A73": { + "gollucciinfoCloudfrontDnsRecordAAAAWWW4C95C94F": { "Properties": { "AliasTarget": { "DNSName": { "Fn::GetAtt": [ - "p6m7g8orgDistributionB3F378E3", + "gollucciinfoDistribution2DF96552", "DomainName", ], }, @@ -920,31 +1344,69 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, }, "HostedZoneId": "DUMMY", - "Name": "www.p6m7g8.org.", + "Name": "www.gollucci.info.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciinfoCloudfrontDnsRecordWWW59780807": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciinfoDistribution2DF96552", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.gollucci.info.", "Type": "A", }, "Type": "AWS::Route53::RecordSet", }, - "p6m7g8orgDistributionB3F378E3": { + "gollucciinfoDistribution2DF96552": { "Properties": { "DistributionConfig": { "Aliases": [ - "www.p6m7g8.org", + "gollucci.info", + "www.gollucci.info", ], + "Comment": "www.gollucci.info", "DefaultCacheBehavior": { "AllowedMethods": [ "GET", "HEAD", - "OPTIONS", ], - "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", + "CachePolicyId": { + "Ref": "gollucciinfoCachePolicyD289AF8C", + }, "Compress": true, - "TargetOriginId": "p6sitesp6m7g8orgDistributionOrigin16B3C11D3", - "ViewerProtocolPolicy": "allow-all", + "TargetOriginId": "p6sitesgollucciinfoDistributionOrigin1D03A0A00", + "ViewerProtocolPolicy": "redirect-to-https", }, + "DefaultRootObject": "index.html", "Enabled": true, "HttpVersion": "http2", "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "gollucciinfoLogBucket48B67CF0", + "RegionalDomainName", + ], + }, + "IncludeCookies": true, + }, "Origins": [ { "CustomOriginConfig": { @@ -961,7 +1423,7 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "/", { "Fn::GetAtt": [ - "p6m7g8orgMyBucket9D229790", + "gollucciinfoMyBucketCE279C32", "WebsiteURL", ], }, @@ -969,12 +1431,13 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, ], }, - "Id": "p6sitesp6m7g8orgDistributionOrigin16B3C11D3", + "Id": "p6sitesgollucciinfoDistributionOrigin1D03A0A00", }, ], + "PriceClass": "PriceClass_100", "ViewerCertificate": { "AcmCertificateArn": { - "Ref": "p6m7g8orgWWWCertificateBBDD2C03", + "Ref": "gollucciinfoCertificate0D3B88C0", }, "MinimumProtocolVersion": "TLSv1.2_2021", "SslSupportMethod": "sni-only", @@ -983,10 +1446,1974 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::CloudFront::Distribution", }, - "p6m7g8orgMyBucket9D229790": { + "gollucciinfoLogBucket48B67CF0": { "DeletionPolicy": "Delete", "Properties": { - "AccessControl": "BucketOwnerFullControl", + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256", + }, + }, + ], + }, + "OwnershipControls": { + "Rules": [ + { + "ObjectOwnership": "ObjectWriter", + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciinfoLogBucketPolicy9D1F1B9C": { + "Properties": { + "Bucket": { + "Ref": "gollucciinfoLogBucket48B67CF0", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:PutObject", + "Condition": { + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:aws:cloudfront::", + { + "Ref": "AWS::AccountId", + }, + ":distribution/*", + ], + ], + }, + }, + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId", + }, + }, + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com", + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "gollucciinfoLogBucket48B67CF0", + "Arn", + ], + }, + "/*", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "gollucciinfoMyBucketCE279C32": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "BucketOwnerFullControl", + "CorsConfiguration": { + "CorsRules": [ + { + "AllowedHeaders": [ + "*", + ], + "AllowedMethods": [ + "GET", + "PUT", + ], + "AllowedOrigins": [ + "*", + ], + "MaxAge": 3000, + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + "WebsiteConfiguration": { + "IndexDocument": "index.html", + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciinfoMyBucketPolicy14D907C5": { + "Properties": { + "Bucket": { + "Ref": "gollucciinfoMyBucketCE279C32", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:GetObject*", + "s3:GetBucket*", + "s3:List*", + ], + "Effect": "Allow", + "Principal": { + "CanonicalUser": { + "Fn::GetAtt": [ + "gollucciinfoOAIB014D255", + "S3CanonicalUserId", + ], + }, + }, + "Resource": [ + { + "Fn::GetAtt": [ + "gollucciinfoMyBucketCE279C32", + "Arn", + ], + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "gollucciinfoMyBucketCE279C32", + "Arn", + ], + }, + "/*", + ], + ], + }, + ], + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "gollucciinfoOAIB014D255": { + "Properties": { + "CloudFrontOriginAccessIdentityConfig": { + "Comment": "Allows CloudFront to reach the bucket", + }, + }, + "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + }, + "gollucciinfoRedirectRedirectAliasRecord3e9e8f83D089FE": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciinfoRedirectRedirectDistributionCFDistributionB661295E", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "gollucci.info.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciinfoRedirectRedirectAliasRecordSix3e9e8f049AC3E7": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciinfoRedirectRedirectDistributionCFDistributionB661295E", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "gollucci.info.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciinfoRedirectRedirectBucket9DEF04A4": { + "DeletionPolicy": "Delete", + "Properties": { + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true, + }, + "WebsiteConfiguration": { + "RedirectAllRequestsTo": { + "HostName": "www.gollucci.info", + "Protocol": "https", + }, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunction35F1F8D0": { + "DependsOn": [ + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy68713F20", + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRole412E27DA", + ], + "Properties": { + "Code": { + "S3Bucket": "cdk-hnb659fds-assets-346733622331-us-east-1", + "S3Key": "b073cebcf4d61fb152a30f5a5e57a94df7f980a549fdf1a79a0b18c5750522d8.zip", + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRole412E27DA", + "Arn", + ], + }, + "Runtime": "nodejs20.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRole412E27DA": { + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy68713F20": { + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate", + "acm:AddTagsToCertificate", + ], + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:changeResourceRecordSets", + "Condition": { + "ForAllValues:StringEquals": { + "route53:ChangeResourceRecordSetsActions": [ + "UPSERT", + ], + "route53:ChangeResourceRecordSetsRecordTypes": [ + "CNAME", + ], + }, + "ForAllValues:StringLike": { + "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ + "*.gollucci.info", + "*.gollucci.info", + ], + }, + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":route53:::hostedzone/DUMMY", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy68713F20", + "Roles": [ + { + "Ref": "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunctionServiceRole412E27DA", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "gollucciinfoRedirectRedirectCertificateCertificateRequestorResource6A9F47A5": { + "DeletionPolicy": "Delete", + "Properties": { + "DomainName": "gollucci.info", + "HostedZoneId": "DUMMY", + "Region": "us-east-1", + "ServiceToken": { + "Fn::GetAtt": [ + "gollucciinfoRedirectRedirectCertificateCertificateRequestorFunction35F1F8D0", + "Arn", + ], + }, + "SubjectAlternativeNames": [ + "gollucci.info", + ], + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "gollucciinfoRedirectRedirectDistributionCFDistributionB661295E": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "gollucci.info", + ], + "Comment": "Redirect to www.gollucci.info from gollucci.info", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachedMethods": [ + "GET", + "HEAD", + ], + "Compress": true, + "ForwardedValues": { + "Cookies": { + "Forward": "none", + }, + "QueryString": false, + }, + "TargetOriginId": "origin1", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Origins": [ + { + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, + "CustomOriginConfig": { + "HTTPPort": 80, + "HTTPSPort": 443, + "OriginKeepaliveTimeout": 5, + "OriginProtocolPolicy": "http-only", + "OriginReadTimeout": 30, + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "gollucciinfoRedirectRedirectBucket9DEF04A4", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "origin1", + }, + ], + "PriceClass": "PriceClass_All", + "ViewerCertificate": { + "AcmCertificateArn": { + "Fn::GetAtt": [ + "gollucciinfoRedirectRedirectCertificateCertificateRequestorResource6A9F47A5", + "Arn", + ], + }, + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", + }, + "gollucciioCachePolicy966F1EC8": { + "Properties": { + "CachePolicyConfig": { + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "MinTTL": 0, + "Name": "p6sitesgollucciioCachePolicyB120F5C3-us-east-1", + "ParametersInCacheKeyAndForwardedToOrigin": { + "CookiesConfig": { + "CookieBehavior": "none", + }, + "EnableAcceptEncodingBrotli": true, + "EnableAcceptEncodingGzip": true, + "HeadersConfig": { + "HeaderBehavior": "none", + }, + "QueryStringsConfig": { + "QueryStringBehavior": "none", + }, + }, + }, + }, + "Type": "AWS::CloudFront::CachePolicy", + }, + "gollucciioCertificate231B96C9": { + "Properties": { + "DomainName": "gollucci.io", + "DomainValidationOptions": [ + { + "DomainName": "gollucci.io", + "ValidationDomain": "gollucci.io", + }, + { + "DomainName": "www.gollucci.io", + "ValidationDomain": "gollucci.io", + }, + ], + "SubjectAlternativeNames": [ + "www.gollucci.io", + ], + "Tags": [ + { + "Key": "Name", + "Value": "p6-sites/gollucci.io/Certificate", + }, + ], + "ValidationMethod": "EMAIL", + }, + "Type": "AWS::CertificateManager::Certificate", + }, + "gollucciioCloudfrontDnsRecordAAAAWWW80376C8B": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciioDistribution4D09EAB0", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.gollucci.io.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciioCloudfrontDnsRecordWWW8C0B5180": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciioDistribution4D09EAB0", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.gollucci.io.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciioDistribution4D09EAB0": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "gollucci.io", + "www.gollucci.io", + ], + "Comment": "www.gollucci.io", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachePolicyId": { + "Ref": "gollucciioCachePolicy966F1EC8", + }, + "Compress": true, + "TargetOriginId": "p6sitesgollucciioDistributionOrigin149C1ED9E", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "index.html", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "gollucciioLogBucket4AF0B757", + "RegionalDomainName", + ], + }, + "IncludeCookies": true, + }, + "Origins": [ + { + "CustomOriginConfig": { + "OriginProtocolPolicy": "http-only", + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "gollucciioMyBucket1B79BDF2", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "p6sitesgollucciioDistributionOrigin149C1ED9E", + }, + ], + "PriceClass": "PriceClass_100", + "ViewerCertificate": { + "AcmCertificateArn": { + "Ref": "gollucciioCertificate231B96C9", + }, + "MinimumProtocolVersion": "TLSv1.2_2021", + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", + }, + "gollucciioLogBucket4AF0B757": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256", + }, + }, + ], + }, + "OwnershipControls": { + "Rules": [ + { + "ObjectOwnership": "ObjectWriter", + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciioLogBucketPolicyBD1256E9": { + "Properties": { + "Bucket": { + "Ref": "gollucciioLogBucket4AF0B757", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:PutObject", + "Condition": { + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:aws:cloudfront::", + { + "Ref": "AWS::AccountId", + }, + ":distribution/*", + ], + ], + }, + }, + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId", + }, + }, + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com", + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "gollucciioLogBucket4AF0B757", + "Arn", + ], + }, + "/*", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "gollucciioMyBucket1B79BDF2": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "BucketOwnerFullControl", + "CorsConfiguration": { + "CorsRules": [ + { + "AllowedHeaders": [ + "*", + ], + "AllowedMethods": [ + "GET", + "PUT", + ], + "AllowedOrigins": [ + "*", + ], + "MaxAge": 3000, + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + "WebsiteConfiguration": { + "IndexDocument": "index.html", + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciioMyBucketPolicy41E7DDB6": { + "Properties": { + "Bucket": { + "Ref": "gollucciioMyBucket1B79BDF2", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:GetObject*", + "s3:GetBucket*", + "s3:List*", + ], + "Effect": "Allow", + "Principal": { + "CanonicalUser": { + "Fn::GetAtt": [ + "gollucciioOAI79A047F2", + "S3CanonicalUserId", + ], + }, + }, + "Resource": [ + { + "Fn::GetAtt": [ + "gollucciioMyBucket1B79BDF2", + "Arn", + ], + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "gollucciioMyBucket1B79BDF2", + "Arn", + ], + }, + "/*", + ], + ], + }, + ], + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "gollucciioOAI79A047F2": { + "Properties": { + "CloudFrontOriginAccessIdentityConfig": { + "Comment": "Allows CloudFront to reach the bucket", + }, + }, + "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + }, + "gollucciioRedirectRedirectAliasRecord96f14e1DF0F70F": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciioRedirectRedirectDistributionCFDistributionD8850BA9", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "gollucci.io.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciioRedirectRedirectAliasRecordSix96f14eCFCAA425": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciioRedirectRedirectDistributionCFDistributionD8850BA9", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "gollucci.io.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciioRedirectRedirectBucket9B0D954E": { + "DeletionPolicy": "Delete", + "Properties": { + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true, + }, + "WebsiteConfiguration": { + "RedirectAllRequestsTo": { + "HostName": "www.gollucci.io", + "Protocol": "https", + }, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionFCE61C5F": { + "DependsOn": [ + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyBAEFB897", + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleACAA9C36", + ], + "Properties": { + "Code": { + "S3Bucket": "cdk-hnb659fds-assets-346733622331-us-east-1", + "S3Key": "b073cebcf4d61fb152a30f5a5e57a94df7f980a549fdf1a79a0b18c5750522d8.zip", + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleACAA9C36", + "Arn", + ], + }, + "Runtime": "nodejs20.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleACAA9C36": { + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyBAEFB897": { + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate", + "acm:AddTagsToCertificate", + ], + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:changeResourceRecordSets", + "Condition": { + "ForAllValues:StringEquals": { + "route53:ChangeResourceRecordSetsActions": [ + "UPSERT", + ], + "route53:ChangeResourceRecordSetsRecordTypes": [ + "CNAME", + ], + }, + "ForAllValues:StringLike": { + "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ + "*.gollucci.io", + "*.gollucci.io", + ], + }, + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":route53:::hostedzone/DUMMY", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyBAEFB897", + "Roles": [ + { + "Ref": "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleACAA9C36", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "gollucciioRedirectRedirectCertificateCertificateRequestorResource841AC5DB": { + "DeletionPolicy": "Delete", + "Properties": { + "DomainName": "gollucci.io", + "HostedZoneId": "DUMMY", + "Region": "us-east-1", + "ServiceToken": { + "Fn::GetAtt": [ + "gollucciioRedirectRedirectCertificateCertificateRequestorFunctionFCE61C5F", + "Arn", + ], + }, + "SubjectAlternativeNames": [ + "gollucci.io", + ], + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "gollucciioRedirectRedirectDistributionCFDistributionD8850BA9": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "gollucci.io", + ], + "Comment": "Redirect to www.gollucci.io from gollucci.io", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachedMethods": [ + "GET", + "HEAD", + ], + "Compress": true, + "ForwardedValues": { + "Cookies": { + "Forward": "none", + }, + "QueryString": false, + }, + "TargetOriginId": "origin1", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Origins": [ + { + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, + "CustomOriginConfig": { + "HTTPPort": 80, + "HTTPSPort": 443, + "OriginKeepaliveTimeout": 5, + "OriginProtocolPolicy": "http-only", + "OriginReadTimeout": 30, + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "gollucciioRedirectRedirectBucket9B0D954E", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "origin1", + }, + ], + "PriceClass": "PriceClass_All", + "ViewerCertificate": { + "AcmCertificateArn": { + "Fn::GetAtt": [ + "gollucciioRedirectRedirectCertificateCertificateRequestorResource841AC5DB", + "Arn", + ], + }, + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", + }, + "gollucciusCachePolicyE3C7C4E1": { + "Properties": { + "CachePolicyConfig": { + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "MinTTL": 0, + "Name": "p6sitesgollucciusCachePolicyE765C3C7-us-east-1", + "ParametersInCacheKeyAndForwardedToOrigin": { + "CookiesConfig": { + "CookieBehavior": "none", + }, + "EnableAcceptEncodingBrotli": true, + "EnableAcceptEncodingGzip": true, + "HeadersConfig": { + "HeaderBehavior": "none", + }, + "QueryStringsConfig": { + "QueryStringBehavior": "none", + }, + }, + }, + }, + "Type": "AWS::CloudFront::CachePolicy", + }, + "gollucciusCertificateFAAABFEA": { + "Properties": { + "DomainName": "gollucci.us", + "DomainValidationOptions": [ + { + "DomainName": "gollucci.us", + "ValidationDomain": "gollucci.us", + }, + { + "DomainName": "www.gollucci.us", + "ValidationDomain": "gollucci.us", + }, + ], + "SubjectAlternativeNames": [ + "www.gollucci.us", + ], + "Tags": [ + { + "Key": "Name", + "Value": "p6-sites/gollucci.us/Certificate", + }, + ], + "ValidationMethod": "EMAIL", + }, + "Type": "AWS::CertificateManager::Certificate", + }, + "gollucciusCloudfrontDnsRecordAAAAWWWD65AC163": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciusDistribution4E9FA363", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.gollucci.us.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciusCloudfrontDnsRecordWWW3D6EA485": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciusDistribution4E9FA363", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.gollucci.us.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciusDistribution4E9FA363": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "gollucci.us", + "www.gollucci.us", + ], + "Comment": "www.gollucci.us", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachePolicyId": { + "Ref": "gollucciusCachePolicyE3C7C4E1", + }, + "Compress": true, + "TargetOriginId": "p6sitesgollucciusDistributionOrigin105E0BDF6", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "index.html", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "gollucciusLogBucket43EAF4CF", + "RegionalDomainName", + ], + }, + "IncludeCookies": true, + }, + "Origins": [ + { + "CustomOriginConfig": { + "OriginProtocolPolicy": "http-only", + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "gollucciusMyBucket8AE21148", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "p6sitesgollucciusDistributionOrigin105E0BDF6", + }, + ], + "PriceClass": "PriceClass_100", + "ViewerCertificate": { + "AcmCertificateArn": { + "Ref": "gollucciusCertificateFAAABFEA", + }, + "MinimumProtocolVersion": "TLSv1.2_2021", + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", + }, + "gollucciusLogBucket43EAF4CF": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256", + }, + }, + ], + }, + "OwnershipControls": { + "Rules": [ + { + "ObjectOwnership": "ObjectWriter", + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciusLogBucketPolicy5138F4A9": { + "Properties": { + "Bucket": { + "Ref": "gollucciusLogBucket43EAF4CF", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:PutObject", + "Condition": { + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:aws:cloudfront::", + { + "Ref": "AWS::AccountId", + }, + ":distribution/*", + ], + ], + }, + }, + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId", + }, + }, + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com", + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "gollucciusLogBucket43EAF4CF", + "Arn", + ], + }, + "/*", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "gollucciusMyBucket8AE21148": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "BucketOwnerFullControl", + "CorsConfiguration": { + "CorsRules": [ + { + "AllowedHeaders": [ + "*", + ], + "AllowedMethods": [ + "GET", + "PUT", + ], + "AllowedOrigins": [ + "*", + ], + "MaxAge": 3000, + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + "WebsiteConfiguration": { + "IndexDocument": "index.html", + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciusMyBucketPolicy6FC749FF": { + "Properties": { + "Bucket": { + "Ref": "gollucciusMyBucket8AE21148", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "s3:GetObject*", + "s3:GetBucket*", + "s3:List*", + ], + "Effect": "Allow", + "Principal": { + "CanonicalUser": { + "Fn::GetAtt": [ + "gollucciusOAI2D431335", + "S3CanonicalUserId", + ], + }, + }, + "Resource": [ + { + "Fn::GetAtt": [ + "gollucciusMyBucket8AE21148", + "Arn", + ], + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "gollucciusMyBucket8AE21148", + "Arn", + ], + }, + "/*", + ], + ], + }, + ], + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "gollucciusOAI2D431335": { + "Properties": { + "CloudFrontOriginAccessIdentityConfig": { + "Comment": "Allows CloudFront to reach the bucket", + }, + }, + "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", + }, + "gollucciusRedirectRedirectAliasRecordSixf1b6580570BEB8": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciusRedirectRedirectDistributionCFDistribution4C5F9326", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "gollucci.us.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciusRedirectRedirectAliasRecordf1b658E850D798": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "gollucciusRedirectRedirectDistributionCFDistribution4C5F9326", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "gollucci.us.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "gollucciusRedirectRedirectBucketB0D402B4": { + "DeletionPolicy": "Delete", + "Properties": { + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true, + }, + "WebsiteConfiguration": { + "RedirectAllRequestsTo": { + "HostName": "www.gollucci.us", + "Protocol": "https", + }, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionE140DC4A": { + "DependsOn": [ + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyFF50BAE2", + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDF51F1E6", + ], + "Properties": { + "Code": { + "S3Bucket": "cdk-hnb659fds-assets-346733622331-us-east-1", + "S3Key": "b073cebcf4d61fb152a30f5a5e57a94df7f980a549fdf1a79a0b18c5750522d8.zip", + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDF51F1E6", + "Arn", + ], + }, + "Runtime": "nodejs20.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDF51F1E6": { + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": [ + { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], + }, + ], + }, + "Type": "AWS::IAM::Role", + }, + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyFF50BAE2": { + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate", + "acm:AddTagsToCertificate", + ], + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:changeResourceRecordSets", + "Condition": { + "ForAllValues:StringEquals": { + "route53:ChangeResourceRecordSetsActions": [ + "UPSERT", + ], + "route53:ChangeResourceRecordSetsRecordTypes": [ + "CNAME", + ], + }, + "ForAllValues:StringLike": { + "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ + "*.gollucci.us", + "*.gollucci.us", + ], + }, + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":route53:::hostedzone/DUMMY", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicyFF50BAE2", + "Roles": [ + { + "Ref": "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDF51F1E6", + }, + ], + }, + "Type": "AWS::IAM::Policy", + }, + "gollucciusRedirectRedirectCertificateCertificateRequestorResource4FE2D187": { + "DeletionPolicy": "Delete", + "Properties": { + "DomainName": "gollucci.us", + "HostedZoneId": "DUMMY", + "Region": "us-east-1", + "ServiceToken": { + "Fn::GetAtt": [ + "gollucciusRedirectRedirectCertificateCertificateRequestorFunctionE140DC4A", + "Arn", + ], + }, + "SubjectAlternativeNames": [ + "gollucci.us", + ], + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "gollucciusRedirectRedirectDistributionCFDistribution4C5F9326": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "gollucci.us", + ], + "Comment": "Redirect to www.gollucci.us from gollucci.us", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachedMethods": [ + "GET", + "HEAD", + ], + "Compress": true, + "ForwardedValues": { + "Cookies": { + "Forward": "none", + }, + "QueryString": false, + }, + "TargetOriginId": "origin1", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Origins": [ + { + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, + "CustomOriginConfig": { + "HTTPPort": 80, + "HTTPSPort": 443, + "OriginKeepaliveTimeout": 5, + "OriginProtocolPolicy": "http-only", + "OriginReadTimeout": 30, + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "gollucciusRedirectRedirectBucketB0D402B4", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "origin1", + }, + ], + "PriceClass": "PriceClass_All", + "ViewerCertificate": { + "AcmCertificateArn": { + "Fn::GetAtt": [ + "gollucciusRedirectRedirectCertificateCertificateRequestorResource4FE2D187", + "Arn", + ], + }, + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", + }, + "p6m7g8orgCachePolicyF5F0FE5F": { + "Properties": { + "CachePolicyConfig": { + "DefaultTTL": 86400, + "MaxTTL": 31536000, + "MinTTL": 0, + "Name": "p6sitesp6m7g8orgCachePolicyC271D8A2-us-east-1", + "ParametersInCacheKeyAndForwardedToOrigin": { + "CookiesConfig": { + "CookieBehavior": "none", + }, + "EnableAcceptEncodingBrotli": true, + "EnableAcceptEncodingGzip": true, + "HeadersConfig": { + "HeaderBehavior": "none", + }, + "QueryStringsConfig": { + "QueryStringBehavior": "none", + }, + }, + }, + }, + "Type": "AWS::CloudFront::CachePolicy", + }, + "p6m7g8orgCertificateD5A4BD94": { + "Properties": { + "DomainName": "p6m7g8.org", + "DomainValidationOptions": [ + { + "DomainName": "p6m7g8.org", + "ValidationDomain": "p6m7g8.org", + }, + { + "DomainName": "www.p6m7g8.org", + "ValidationDomain": "p6m7g8.org", + }, + ], + "SubjectAlternativeNames": [ + "www.p6m7g8.org", + ], + "Tags": [ + { + "Key": "Name", + "Value": "p6-sites/p6m7g8.org/Certificate", + }, + ], + "ValidationMethod": "EMAIL", + }, + "Type": "AWS::CertificateManager::Certificate", + }, + "p6m7g8orgCloudfrontDnsRecordAAAAWWW73294712": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "p6m7g8orgDistributionB3F378E3", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.p6m7g8.org.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "p6m7g8orgCloudfrontDnsRecordWWWF2ADF083": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "p6m7g8orgDistributionB3F378E3", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "www.p6m7g8.org.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "p6m7g8orgDistributionB3F378E3": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "p6m7g8.org", + "www.p6m7g8.org", + ], + "Comment": "www.p6m7g8.org", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachePolicyId": { + "Ref": "p6m7g8orgCachePolicyF5F0FE5F", + }, + "Compress": true, + "TargetOriginId": "p6sitesp6m7g8orgDistributionOrigin16B3C11D3", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "index.html", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Logging": { + "Bucket": { + "Fn::GetAtt": [ + "p6m7g8orgLogBucketB30AAD83", + "RegionalDomainName", + ], + }, + "IncludeCookies": true, + }, + "Origins": [ + { + "CustomOriginConfig": { + "OriginProtocolPolicy": "http-only", + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "p6m7g8orgMyBucket9D229790", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "p6sitesp6m7g8orgDistributionOrigin16B3C11D3", + }, + ], + "PriceClass": "PriceClass_100", + "ViewerCertificate": { + "AcmCertificateArn": { + "Ref": "p6m7g8orgCertificateD5A4BD94", + }, + "MinimumProtocolVersion": "TLSv1.2_2021", + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", + }, + "p6m7g8orgLogBucketB30AAD83": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "LogDeliveryWrite", + "BucketEncryption": { + "ServerSideEncryptionConfiguration": [ + { + "ServerSideEncryptionByDefault": { + "SSEAlgorithm": "AES256", + }, + }, + ], + }, + "OwnershipControls": { + "Rules": [ + { + "ObjectOwnership": "ObjectWriter", + }, + ], + }, + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "IgnorePublicAcls": true, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "p6m7g8orgLogBucketPolicy54549AE9": { + "Properties": { + "Bucket": { + "Ref": "p6m7g8orgLogBucketB30AAD83", + }, + "PolicyDocument": { + "Statement": [ + { + "Action": "s3:PutObject", + "Condition": { + "ArnLike": { + "aws:SourceArn": { + "Fn::Join": [ + "", + [ + "arn:aws:cloudfront::", + { + "Ref": "AWS::AccountId", + }, + ":distribution/*", + ], + ], + }, + }, + "StringEquals": { + "aws:SourceAccount": { + "Ref": "AWS::AccountId", + }, + }, + }, + "Effect": "Allow", + "Principal": { + "Service": "delivery.logs.amazonaws.com", + }, + "Resource": { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "p6m7g8orgLogBucketB30AAD83", + "Arn", + ], + }, + "/*", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + }, + "Type": "AWS::S3::BucketPolicy", + }, + "p6m7g8orgMyBucket9D229790": { + "DeletionPolicy": "Delete", + "Properties": { + "AccessControl": "BucketOwnerFullControl", "CorsConfiguration": { "CorsRules": [ { @@ -1023,25 +3450,42 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ "PolicyDocument": { "Statement": [ { - "Action": "s3:GetObject", + "Action": [ + "s3:GetObject*", + "s3:GetBucket*", + "s3:List*", + ], "Effect": "Allow", "Principal": { - "AWS": "*", - }, - "Resource": { - "Fn::Join": [ - "", - [ - { - "Fn::GetAtt": [ - "p6m7g8orgMyBucket9D229790", - "Arn", - ], - }, - "/*", + "CanonicalUser": { + "Fn::GetAtt": [ + "p6m7g8orgOAI2F0DBA21", + "S3CanonicalUserId", ], - ], + }, }, + "Resource": [ + { + "Fn::GetAtt": [ + "p6m7g8orgMyBucket9D229790", + "Arn", + ], + }, + { + "Fn::Join": [ + "", + [ + { + "Fn::GetAtt": [ + "p6m7g8orgMyBucket9D229790", + "Arn", + ], + }, + "/*", + ], + ], + }, + ], }, ], "Version": "2012-10-17", @@ -1057,24 +3501,286 @@ exports[`myStack Snapshot Test should match the synthesized CloudFormation templ }, "Type": "AWS::CloudFront::CloudFrontOriginAccessIdentity", }, - "p6m7g8orgWWWCertificateBBDD2C03": { + "p6m7g8orgRedirectRedirectAliasRecord0c386926F4066A": { "Properties": { - "DomainName": "www.p6m7g8.org", - "DomainValidationOptions": [ + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "p6m7g8orgRedirectRedirectDistributionCFDistribution65F58384", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "p6m7g8.org.", + "Type": "A", + }, + "Type": "AWS::Route53::RecordSet", + }, + "p6m7g8orgRedirectRedirectAliasRecordSix0c386996DB2583": { + "Properties": { + "AliasTarget": { + "DNSName": { + "Fn::GetAtt": [ + "p6m7g8orgRedirectRedirectDistributionCFDistribution65F58384", + "DomainName", + ], + }, + "HostedZoneId": { + "Fn::FindInMap": [ + "AWSCloudFrontPartitionHostedZoneIdMap", + { + "Ref": "AWS::Partition", + }, + "zoneId", + ], + }, + }, + "HostedZoneId": "DUMMY", + "Name": "p6m7g8.org.", + "Type": "AAAA", + }, + "Type": "AWS::Route53::RecordSet", + }, + "p6m7g8orgRedirectRedirectBucket87455507": { + "DeletionPolicy": "Delete", + "Properties": { + "PublicAccessBlockConfiguration": { + "BlockPublicAcls": true, + "BlockPublicPolicy": true, + "IgnorePublicAcls": true, + "RestrictPublicBuckets": true, + }, + "WebsiteConfiguration": { + "RedirectAllRequestsTo": { + "HostName": "www.p6m7g8.org", + "Protocol": "https", + }, + }, + }, + "Type": "AWS::S3::Bucket", + "UpdateReplacePolicy": "Delete", + }, + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionEDDBD27E": { + "DependsOn": [ + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy83D60229", + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRole35B11BD9", + ], + "Properties": { + "Code": { + "S3Bucket": "cdk-hnb659fds-assets-346733622331-us-east-1", + "S3Key": "b073cebcf4d61fb152a30f5a5e57a94df7f980a549fdf1a79a0b18c5750522d8.zip", + }, + "Handler": "index.certificateRequestHandler", + "Role": { + "Fn::GetAtt": [ + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRole35B11BD9", + "Arn", + ], + }, + "Runtime": "nodejs20.x", + "Timeout": 900, + }, + "Type": "AWS::Lambda::Function", + }, + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRole35B11BD9": { + "Properties": { + "AssumeRolePolicyDocument": { + "Statement": [ + { + "Action": "sts:AssumeRole", + "Effect": "Allow", + "Principal": { + "Service": "lambda.amazonaws.com", + }, + }, + ], + "Version": "2012-10-17", + }, + "ManagedPolicyArns": [ { - "DomainName": "www.p6m7g8.org", - "ValidationDomain": "p6m7g8.org", + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":iam::aws:policy/service-role/AWSLambdaBasicExecutionRole", + ], + ], }, ], - "Tags": [ + }, + "Type": "AWS::IAM::Role", + }, + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy83D60229": { + "Properties": { + "PolicyDocument": { + "Statement": [ + { + "Action": [ + "acm:RequestCertificate", + "acm:DescribeCertificate", + "acm:DeleteCertificate", + "acm:AddTagsToCertificate", + ], + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:GetChange", + "Effect": "Allow", + "Resource": "*", + }, + { + "Action": "route53:changeResourceRecordSets", + "Condition": { + "ForAllValues:StringEquals": { + "route53:ChangeResourceRecordSetsActions": [ + "UPSERT", + ], + "route53:ChangeResourceRecordSetsRecordTypes": [ + "CNAME", + ], + }, + "ForAllValues:StringLike": { + "route53:ChangeResourceRecordSetsNormalizedRecordNames": [ + "*.p6m7g8.org", + "*.p6m7g8.org", + ], + }, + }, + "Effect": "Allow", + "Resource": { + "Fn::Join": [ + "", + [ + "arn:", + { + "Ref": "AWS::Partition", + }, + ":route53:::hostedzone/DUMMY", + ], + ], + }, + }, + ], + "Version": "2012-10-17", + }, + "PolicyName": "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRoleDefaultPolicy83D60229", + "Roles": [ { - "Key": "Name", - "Value": "p6-sites/p6m7g8.org/WWW-Certificate", + "Ref": "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionServiceRole35B11BD9", }, ], - "ValidationMethod": "EMAIL", }, - "Type": "AWS::CertificateManager::Certificate", + "Type": "AWS::IAM::Policy", + }, + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorResource47A43B2A": { + "DeletionPolicy": "Delete", + "Properties": { + "DomainName": "p6m7g8.org", + "HostedZoneId": "DUMMY", + "Region": "us-east-1", + "ServiceToken": { + "Fn::GetAtt": [ + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorFunctionEDDBD27E", + "Arn", + ], + }, + "SubjectAlternativeNames": [ + "p6m7g8.org", + ], + }, + "Type": "AWS::CloudFormation::CustomResource", + "UpdateReplacePolicy": "Delete", + }, + "p6m7g8orgRedirectRedirectDistributionCFDistribution65F58384": { + "Properties": { + "DistributionConfig": { + "Aliases": [ + "p6m7g8.org", + ], + "Comment": "Redirect to www.p6m7g8.org from p6m7g8.org", + "DefaultCacheBehavior": { + "AllowedMethods": [ + "GET", + "HEAD", + ], + "CachedMethods": [ + "GET", + "HEAD", + ], + "Compress": true, + "ForwardedValues": { + "Cookies": { + "Forward": "none", + }, + "QueryString": false, + }, + "TargetOriginId": "origin1", + "ViewerProtocolPolicy": "redirect-to-https", + }, + "DefaultRootObject": "", + "Enabled": true, + "HttpVersion": "http2", + "IPV6Enabled": true, + "Origins": [ + { + "ConnectionAttempts": 3, + "ConnectionTimeout": 10, + "CustomOriginConfig": { + "HTTPPort": 80, + "HTTPSPort": 443, + "OriginKeepaliveTimeout": 5, + "OriginProtocolPolicy": "http-only", + "OriginReadTimeout": 30, + "OriginSSLProtocols": [ + "TLSv1.2", + ], + }, + "DomainName": { + "Fn::Select": [ + 2, + { + "Fn::Split": [ + "/", + { + "Fn::GetAtt": [ + "p6m7g8orgRedirectRedirectBucket87455507", + "WebsiteURL", + ], + }, + ], + }, + ], + }, + "Id": "origin1", + }, + ], + "PriceClass": "PriceClass_All", + "ViewerCertificate": { + "AcmCertificateArn": { + "Fn::GetAtt": [ + "p6m7g8orgRedirectRedirectCertificateCertificateRequestorResource47A43B2A", + "Arn", + ], + }, + "SslSupportMethod": "sni-only", + }, + }, + }, + "Type": "AWS::CloudFront::Distribution", }, }, "Rules": {