diff --git a/serverless.yml b/serverless.yml index da239ad..76887b7 100644 --- a/serverless.yml +++ b/serverless.yml @@ -141,92 +141,3 @@ constructs: custom: lift: - use: shared - s3: - assets: - public: true - cors: true - -resources: - - Conditions: - IsProd: - Fn::Equals: - - ${sls:stage} - - prod - - Resources: - - # We use CloudFront in front of API Gateway to be able to redirect HTTP to HTTPS - # because API Gateway does not listen at all to HTTP requests. - CDN: - Type: AWS::CloudFront::Distribution - Condition: IsProd - Properties: - DistributionConfig: - Enabled: true - # Cheapest option by default (https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DistributionConfig.html) - PriceClass: PriceClass_100 - # Enable http2 transfer for better performances - HttpVersion: http2 - # Origins are where CloudFront fetches content - Origins: - # The website (AWS Lambda) - - Id: Website - DomainName: !Join ['.', [!Ref HttpApi, 'execute-api', !Ref AWS::Region, 'amazonaws.com']] - CustomOriginConfig: - OriginProtocolPolicy: 'https-only' # API Gateway only supports HTTPS - # The assets (S3) - - Id: Assets - DomainName: 'externals-prod-assets.s3-eu-west-1.amazonaws.com' - CustomOriginConfig: - OriginProtocolPolicy: 'http-only' # S3 websites only support HTTP - # The default behavior is to send everything to AWS Lambda - DefaultCacheBehavior: - AllowedMethods: [GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE] - TargetOriginId: Website # the PHP application - # Disable caching for the PHP application https://aws.amazon.com/premiumsupport/knowledge-center/prevent-cloudfront-from-caching-files/ - DefaultTTL: 0 - MinTTL: 0 - MaxTTL: 0 - # https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-forwardedvalues.html - ForwardedValues: - QueryString: true - Cookies: - Forward: all # Forward cookies to use them in PHP - # We must *not* forward the `Host` header else it messes up API Gateway - Headers: - - 'Accept' - - 'Accept-Encoding' - - 'Accept-Language' - - 'Authorization' - - 'Origin' - - 'Referer' - ViewerProtocolPolicy: redirect-to-https - CacheBehaviors: - # Assets will be served under the `/assets/` prefix - - PathPattern: 'assets/*' - TargetOriginId: Assets # the static files on S3 - AllowedMethods: [GET, HEAD] - ForwardedValues: - # We use the query string to bust the cache - QueryString: 'true' - Cookies: - Forward: none - ViewerProtocolPolicy: redirect-to-https - Compress: true # Serve files with gzip for browsers that support it (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) - CustomErrorResponses: - # Force CloudFront to not cache HTTP errors - - ErrorCode: 500 - ErrorCachingMinTTL: 0 - - ErrorCode: 504 - ErrorCachingMinTTL: 0 - # Custom domain name - #Aliases: - # - externals.io - # - v3.externals.io - #ViewerCertificate: - # # ARN of the certificate created in ACM - # AcmCertificateArn: arn:aws:acm:us-east-1:416566615250:certificate/0f28e63d-d3a9-4578-9f8b-14347bfe8326 - # # See https://docs.aws.amazon.com/fr_fr/cloudfront/latest/APIReference/API_ViewerCertificate.html - # SslSupportMethod: 'sni-only'