publicdata/j40-cejst-2
1
0
Fork 0
mirror of https://github.com/DOI-DO/j40-cejst-2.git synced 2025-02-23 10:04:18 -08:00
Code Issues Projects Releases Packages Wiki Activity Actions
j40-cejst-2/infrastructure/resources-cloudfront.yml

85 lines
3.1 KiB
YAML
Raw Normal View History

Fargate Serverless Workers for Census Data Enrichment and Tile Generation (#230) * add basic infrastructure * add cloudfront distribution * WIP checkpoint * add ecs cluster * add conditions and route53 dns entry to cloudfront * WIP checkin * Added a raw execution mode for demo/testing * Add pre-defined Task for ogr2ogr * Tweak Task Definition name * Mostly working except for logging error * Add additional logging permissions * Succesfully executed ogr2ogr in fargate. S3 permissions needs to be addresses * Add multipart permissions * Add a few more actions * Put IAM Policy on the correct resource * Deploy lambda and update events * fix iam permissions 🤦🏻‍♂️ * Add reference to Tippecanoe container * Clean up to only use named actions * Refactor resources to include support for tippecanoe * Make a more interesting GDAL command * Pull all ECS variables into environment file; successful test of running tippecanoe container * Support pre/post commands * Refactor codebase and enable linting * Implement many-to-many enrichment between USDS CSV files and Census zipped shapefiles * Change the GDAL image to one with the built-in drivers * Add some additional fixes to support the enrichment use case * Clean up old hello-world example * Expand the README to include ways to execute the lambdas * Validate scheduled lambda execution and then comment out Co-authored-by: Tim Zwolak <timothypage@gmail.com>
2021-06-30 08:29:01 -05:00
Resources:
S3DataBucketPolicyCDN:
Type: AWS::S3::BucketPolicy
Properties:
Bucket:
Ref: DataBucket
PolicyDocument:
Statement:
- Effect: "Allow"
Action:
- "s3:GetObject"
Resource:
Fn::Join:
- ""
- - "arn:aws:s3:::"
- Ref: DataBucket
- "/*"
Principal: "*"
deployment configuration changes to serverless
2021-07-16 09:43:56 -04:00
# DataBucketCachePolicy:
# Type: AWS::CloudFront::CachePolicy
# Properties:
# CachePolicyConfig:
# Name: ${self:provider.stage}-${self:service}-cloudfront-cache-policy
# Comment: CloudFront Cache Policy for justice40 data harvester
# DefaultTTL: "86400" # one day, only if Origin does _not_ send `Cache-Control` or `Expires` headers
# MaxTTL: "31536000" # one year, used to validate when origin sends `Cache-Control` or `Expires` headers
# MinTTL: "1" # one second
# ParametersInCacheKeyAndForwardedToOrigin:
# EnableAcceptEncodingGzip: false
# EnableAcceptEncodingBrotli: false
# CookiesConfig:
# CookieBehavior: none
# HeadersConfig:
# HeaderBehavior: none
# QueryStringsConfig:
# QueryStringBehavior: none
Fargate Serverless Workers for Census Data Enrichment and Tile Generation (#230) * add basic infrastructure * add cloudfront distribution * WIP checkpoint * add ecs cluster * add conditions and route53 dns entry to cloudfront * WIP checkin * Added a raw execution mode for demo/testing * Add pre-defined Task for ogr2ogr * Tweak Task Definition name * Mostly working except for logging error * Add additional logging permissions * Succesfully executed ogr2ogr in fargate. S3 permissions needs to be addresses * Add multipart permissions * Add a few more actions * Put IAM Policy on the correct resource * Deploy lambda and update events * fix iam permissions 🤦🏻‍♂️ * Add reference to Tippecanoe container * Clean up to only use named actions * Refactor resources to include support for tippecanoe * Make a more interesting GDAL command * Pull all ECS variables into environment file; successful test of running tippecanoe container * Support pre/post commands * Refactor codebase and enable linting * Implement many-to-many enrichment between USDS CSV files and Census zipped shapefiles * Change the GDAL image to one with the built-in drivers * Add some additional fixes to support the enrichment use case * Clean up old hello-world example * Expand the README to include ways to execute the lambdas * Validate scheduled lambda execution and then comment out Co-authored-by: Tim Zwolak <timothypage@gmail.com>
2021-06-30 08:29:01 -05:00
deployment configuration changes to serverless
2021-07-16 09:43:56 -04:00
# DataDistribution:
# Type: AWS::CloudFront::Distribution
# Properties:
# DistributionConfig:
# Origins:
# - Id: DataBucket
# DomainName:
# # e.g. j40-sit-justice40-data-harvester-data.s3-website-us-east-1.amazonaws.com
# Fn::Join:
# - ""
# - - ${self:custom.namespaceShort}-
# - ${self:provider.stage}-
# - ${self:service}-
# - data
# - ".s3-website-"
# - Ref: AWS::Region
# - ".amazonaws.com"
# CustomOriginConfig:
# HTTPPort: '80'
# HTTPSPort: '443'
# OriginProtocolPolicy: http-only
# OriginSSLProtocols: [ "TLSv1", "TLSv1.1", "TLSv1.2" ]
# OriginCustomHeaders:
# - HeaderName: Origin # if the `Origin` header isn't present, S3 won't send CORS headers, this forces CORS to always be included
# HeaderValue: geoplatform.gov # this doesn't need to be anything specific, since Allow-Origin: * is our CORS policy, it just has to have a value
Fargate Serverless Workers for Census Data Enrichment and Tile Generation (#230) * add basic infrastructure * add cloudfront distribution * WIP checkpoint * add ecs cluster * add conditions and route53 dns entry to cloudfront * WIP checkin * Added a raw execution mode for demo/testing * Add pre-defined Task for ogr2ogr * Tweak Task Definition name * Mostly working except for logging error * Add additional logging permissions * Succesfully executed ogr2ogr in fargate. S3 permissions needs to be addresses * Add multipart permissions * Add a few more actions * Put IAM Policy on the correct resource * Deploy lambda and update events * fix iam permissions 🤦🏻‍♂️ * Add reference to Tippecanoe container * Clean up to only use named actions * Refactor resources to include support for tippecanoe * Make a more interesting GDAL command * Pull all ECS variables into environment file; successful test of running tippecanoe container * Support pre/post commands * Refactor codebase and enable linting * Implement many-to-many enrichment between USDS CSV files and Census zipped shapefiles * Change the GDAL image to one with the built-in drivers * Add some additional fixes to support the enrichment use case * Clean up old hello-world example * Expand the README to include ways to execute the lambdas * Validate scheduled lambda execution and then comment out Co-authored-by: Tim Zwolak <timothypage@gmail.com>
2021-06-30 08:29:01 -05:00
deployment configuration changes to serverless
2021-07-16 09:43:56 -04:00
# Enabled: true
# HttpVersion: http2
# Comment: CDN for justice40 data bucket
# Aliases:
# - ${self:custom.environment.HOSTED_ZONE_SUBDOMAIN}.${self:custom.environment.HOSTED_ZONE_DOMAIN}
# PriceClass: PriceClass_All
# DefaultCacheBehavior:
# AllowedMethods: [HEAD, GET, OPTIONS]
# CachedMethods: [HEAD, GET]
# CachePolicyId:
# Ref: DataBucketCachePolicy
# MinTTL: '0'
# DefaultTTL: '0'
# TargetOriginId: DataBucket
# ViewerProtocolPolicy: redirect-to-https
# CustomErrorResponses: []
# ViewerCertificate:
# AcmCertificateArn: ${self:custom.environment.CLOUDFRONT_CERTIFICATE_ARN}
# SslSupportMethod: sni-only
Reference in a new issue Copy permalink