MonolithCloudFrontDisttibution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        # Commented due troubles with validation, CNAME required in dns
        # https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html
        #
        Aliases:
          - !Ref "DomainMedia"
        Comment: "CDN for S3-backed website with secured cookies"
        Enabled: true
        DefaultCacheBehavior:
          AllowedMethods: ["GET", "HEAD", "OPTIONS"]
          ForwardedValues:
            QueryString: true
            Cookies:
              Forward: none
          TargetOriginId: S3Origin
          TrustedSigners:
            - !Ref AWS::AccountId
          ViewerProtocolPolicy:
            - allow-all
        Origins:
          #- DomainName: !GetAtt MonolithS3Bucket.DomainName
          - DomainName:
              "Fn::ImportValue": !Sub "${VPCEnvironmentName}-s3media-DomainName"
            Id: S3Origin
            S3OriginConfig:
              OriginAccessIdentity: !Sub "origin-access-identity/cloudfront/${CloudFrontOriginAccessIdentity}"
        ViewerCertificate:
          CloudFrontDefaultCertificate: 'true'

ViewerCertificate:
  AcmCertificateArn