I’m missing something that I’m sure is really obvious. When using the CloudFormation template, https://s3.amazonaws.com/cloudformation-examples/community/common-attacks.json
I understand that this sits in front of CloudFront. But does this create the actual CloudFront content site? The template above is WAF specific only. But even if it does create the CDN, where is the acloudgurumyorigin S3 CF origin specified? I have it stuck in my head that the video shows the CloudFormation template to be complete for both content site AND WAF but missing where the CloudFront content is configured
That template does nothing with CloudFront. CloudFront, WAF, and AWS Shield are independent services (Though AWS Shield Basic is always enabled for all AWS accounts).
Thanks Steven for affirming what I thought – spoiled by labs showing every detail to recreate and wondered whether I missed something. To me, it looked like the WAF association was tied to the same "ID" that was generated from running the common-attacks.json cloudformation creation which is why i thought it created the content config