Eregcsc 2532 cloudfront distribution should have logging enabled (#1193)

* eregcsc-2532- cloudfront distrubution should have logging enabled

solution/backend/cmcs_regulations/templates/admin/base_site.html

@@ -40,4 +40,4 @@
       <a href="{% url 'oidc_authentication_init' %}?next={{ request.path }}">Log in</a>
     {% endif %}
   </div>
-{% endblock %}
+{% endblock %}

solution/static-assets/serverless.yml

@@ -61,6 +61,28 @@ resources:
                 - GET
                 - HEAD
               MaxAge: 3000
+    CloudFrontLogsBucket:
+      Type: AWS::S3::Bucket
+      Properties:
+        BucketName: eregs-${self:custom.stage}-cloudfront-logs
+        OwnershipControls:
+          Rules:
+            - ObjectOwnership: BucketOwnerPreferred
+        VersioningConfiguration:
+          Status: Enabled
+        AccessControl: LogDeliveryWrite
+    CloudFrontLogsBucketPolicy:
+      Type: "AWS::S3::BucketPolicy"
+      Properties:
+        Bucket: !Ref CloudFrontLogsBucket
+        PolicyDocument:
+          Version: '2012-10-17'
+          Statement:
+            - Effect: Allow
+              Principal:
+                Service: "delivery.logs.amazonaws.com"
+              Action: "s3:PutObject"
+              Resource: !Sub "arn:aws:s3:::${CloudFrontLogsBucket}/*"
 
     CloudFrontOriginAccessIdentity:
       Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
@@ -153,6 +175,10 @@ resources:
                   - ''
                   - - origin-access-identity/cloudfront/
                     - Ref: CloudFrontOriginAccessIdentity
+          Logging:
+            IncludeCookies: false
+            Bucket: eregs-${self:custom.stage}-cloudfront-logs.s3.amazonaws.com
+            Prefix: cf-logs/
           Enabled: true
           HttpVersion: 'http2'
           DefaultCacheBehavior: