Current best practice for uploading an SPA?

[CsehAbel]

Hi,

I have been looking at cloudfront-authorization-at-edge repo and at the JWT workshop, and i was wondering if this s3-spa-upload method is still relevant or if another method would be the best practice when uploading SPAs. I am trying to do IaC for uploading the SPA with Content-Type, Cache-Content and CORS Rules, while fronting the S3 bucket with CloudFront and having access to the the distribution in the deployment code ( to add callback URL for the hosted ui, other origins like for apigw, cloudwatch alert for the distribution).

I just wanted a general advice for the skeleton of such an IaC project from a pro for uploading SPAs, and i might not be asking the right questions.

How would you go about implementing also CORS Rules? Do you recommend Amplify hosting to upload the SPA from a CodeCommit or GitHub repo? Would there be a way of customizing that CloudFront distribution via IaC like Price Class, access metrics via distribution.metricRequest() to create CloudWatch alarms in the same Stack while using this Amplify SPA upload? Is this s3-spa-upload method is still recommended? Would connecting CodeCommit with a cdk.aws_s3_deployment.BucketDeployment be a viable option?