n-daisuke-blog-deployment-source/template-cloudfront.yaml

AWSTemplateFormatVersion: '2010-09-09'

Parameters:
  WebsiteBucketName:
    Type: String
    Description: "The name for the S3 bucket to be used for public website hosting (must be globally unique)"
    Default: "naputo-blog-public"

Resources:

  AddIndexFunction:
    Type: AWS::CloudFront::Function
    Properties:
      Name: "AddIndexFunction"
      AutoPublish: true
      FunctionConfig:
        Comment: "Appends index.html for directory URIs"
        Runtime: cloudfront-js-1.0
      FunctionCode: |
        function handler(event) {
          var request = event.request;
          var uri = request.uri;
          if (uri.endsWith("/")) {
            request.uri += "index.html";
          } else if (uri === "") {
            request.uri = "/index.html";
          }
          return request;
        }

  BlogOriginAccessControl:
    Type: AWS::CloudFront::OriginAccessControl
    Properties:
      OriginAccessControlConfig:
        Name: "MyBlogOAC"
        OriginAccessControlOriginType: s3
        SigningBehavior: always
        SigningProtocol: sigv4

  BlogCloudFrontDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
        DefaultRootObject: index.html
        Origins:
          - Id: S3WebsiteOrigin
            DomainName: !Sub "${WebsiteBucketName}.s3.amazonaws.com"
            OriginAccessControlId: !Ref BlogOriginAccessControl
            S3OriginConfig: {}
        DefaultCacheBehavior:
          TargetOriginId: S3WebsiteOrigin
          ViewerProtocolPolicy: redirect-to-https
          AllowedMethods:
            - GET
            - HEAD
          CachedMethods:
            - GET
            - HEAD
          ForwardedValues:
            QueryString: false
            Cookies:
              Forward: none
          FunctionAssociations:
            - EventType: viewer-request
              FunctionARN: !GetAtt AddIndexFunction.FunctionARN
        Aliases:
          - blog.n-daisuke897.com
        ViewerCertificate:
          AcmCertificateArn: !Sub "arn:aws:acm:us-east-1:${AWS::AccountId}:certificate/4d3e8182-71e0-4ccb-a437-36523f61a6c0"
          SslSupportMethod: sni-only
          MinimumProtocolVersion: TLSv1.2_2021
        PriceClass: PriceClass_200

Outputs:
  IdBlogCloudFrontDistribution:
    Value: !Ref BlogCloudFrontDistribution
    Export:
      Name: BlogCloudFrontDistribution-ID