template.yaml

AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  ronit-cloud-resume
  
  Sample SAM Template for ronit-cloud-resume

# More info about Globals: https://github.com/awslabs/serverless-application-model/blob/master/docs/globals.rst
Globals:
  Function:
    Timeout: 5

Resources:
  MyWebsite:
    Type: AWS::S3::Bucket
    Properties:
      AccessControl: PublicRead
      WebsiteConfiguration:
        IndexDocument: index.html
      BucketName: ronit-demo-site

  DynamoDBTable:
    Type: AWS::DynamoDB::Table
    Properties:
      TableName: ronit-cloud-resume
      BillingMode: PAY_PER_REQUEST
      AttributeDefinitions:
        - AttributeName: "ID"
          AttributeType: "S"
      KeySchema:
        - AttributeName: "ID"
          KeyType: "HASH"

  MyRoute53Record:
    Type: "AWS::Route53::RecordSetGroup"
    Properties:
      HostedZoneId: Z04723851ZV06PPOSS6A2 # TODO: Don't hardcode me
      RecordSets:
        - Name: ronitbanerjee.xyz # TODO: Don't hardcode me
          Type: A
          AliasTarget:
            HostedZoneId: Z2FDTNDATAQYW2  # This is CloudFront HostedZoneId (Constant)
            DNSName: !GetAtt MyDistribution.DomainName
  
  MyCertificate:
    Type: AWS::CertificateManager::Certificate
    Properties:
      DomainName: ronitbanerjee.xyz # TODO: Don't hardcode me
      ValidationMethod: DNS

  MyDistribution:
    Type: "AWS::CloudFront::Distribution"
    Properties:
      DistributionConfig:
        ViewerCertificate:
            AcmCertificateArn: !Ref MyCertificate
            SslSupportMethod: sni-only
        DefaultCacheBehavior:
          ViewerProtocolPolicy: allow-all
          TargetOriginId: ronit-demo-site.s3.us-east-1.amazonaws.com
          DefaultTTL: 0
          MinTTL: 0
          MaxTTL: 0
          ForwardedValues:
            QueryString: false
        Origins:
          - DomainName: ronit-demo-site.s3.us-east-1.amazonaws.com
            Id: ronit-demo-site.s3.us-east-1.amazonaws.com
            CustomOriginConfig:
              OriginProtocolPolicy: match-viewer
        Enabled: "true"
        DefaultRootObject: index.html

  BucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      PolicyDocument:
        Id: MyPolicy
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: "*"
            Action: "s3:GetObject"
            Resource: !Join
              - ""
              - - "arn:aws:s3:::" 
                - !Ref MyWebsite
                - /*
      Bucket: !Ref MyWebsite
      
  GetFunction:
    Type: AWS::Serverless::Function
    Properties:
      Policies:
       - DynamoDBCrudPolicy:
            TableName: ronit-cloud-resume
      CodeUri: get-function/
      Handler: get-function
      Runtime: go1.x
      Architectures:
        - x86_64
      Events:
        CatchAll:
          Type: Api
          Properties:
            Path: /get
            Method: GET

  PutFunction:
    Type: AWS::Serverless::Function
    Properties:
      Policies:
        - DynamoDBCrudPolicy:
            TableName: ronit-cloud-resume
      CodeUri: put-function/
      Handler: put-function
      Runtime: go1.x
      Architectures:
        - x86_64
      Events:
        CatchAll:
          Type: Api
          Properties:
            Path: /put
            Method: GET