-
Notifications
You must be signed in to change notification settings - Fork 4
/
no-ssl-interactives.yml
79 lines (79 loc) · 2.59 KB
/
no-ssl-interactives.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
AWSTemplateFormatVersion: '2010-09-09'
Description: cloudfront and domain for old http interactives
Resources:
DNS:
Type: AWS::Route53::RecordSet
Properties:
AliasTarget:
# need to get this from the cloudfront distribution
DNSName: !GetAtt CloudFrontDistribution.DomainName
# static zone id from documentation
HostedZoneId: Z2FDTNDATAQYW2
HostedZoneName: concord.org.
Name: no-ssl-interactives.concord.org
Type: A
CloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Aliases:
- no-ssl-interactives.concord.org
CacheBehaviors:
# this is just an example
- AllowedMethods:
- GET
- HEAD
Compress: false
ForwardedValues:
QueryString: false
PathPattern: 'eoc/*'
TargetOriginId: EarthGuide
ViewerProtocolPolicy: redirect-to-https
- AllowedMethods:
- GET
- HEAD
Compress: false
ForwardedValues:
QueryString: false
PathPattern: 'hawaii/*'
TargetOriginId: GeoCornell
ViewerProtocolPolicy: redirect-to-https
Comment: Cloudfront Distribution for old http interactives
# FIXME: I'm not sure what to use here for the default
# ideally it would be some kind of static error page
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
Compress: false
ForwardedValues:
QueryString: true
Cookies:
Forward: none
# support CORS Requests to the resources
Headers:
- Origin
- Access-Control-Request-Headers
- Access-Control-Request-Method
# pick a random origin for now
TargetOriginId: GeoCornell
ViewerProtocolPolicy: redirect-to-https
Enabled: true
HttpVersion: http2
Logging:
Bucket: cc-cloudfront-logs.s3.amazonaws.com
IncludeCookies: false
Prefix: project-resources
PriceClass: PriceClass_All
Origins:
- DomainName: earthguide.ucsd.edu
Id: EarthGuide
CustomOriginConfig:
OriginProtocolPolicy: http-only
- DomainName: www.geo.cornell.edu
Id: GeoCornell
CustomOriginConfig:
OriginProtocolPolicy: http-only
ViewerCertificate:
AcmCertificateArn: arn:aws:acm:us-east-1:612297603577:certificate/2b62511e-ccc8-434b-ba6c-a8c33bbd509e
SslSupportMethod: sni-only