Complete infrastructure and integration updates

Infrastructure improvements:
- Update CloudFront distribution with ACM certificate support
- Enable custom domain aliases when certificate is available
- Add comprehensive WAF outputs for CrowdSec integration
- Update variables with current configuration defaults

New files:
- Add CrowdSec WAF integration documentation
- Add sync script for CrowdSec to WAF automation
- Add MCP configuration for development tools

Configuration updates:
- Align Terraform configuration with deployed state
- Enable ACM certificate and Route53 DNS by default
- Maintain HTTP-only origin protocol for compatibility

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

.mcp.json

@@ -0,0 +1,39 @@
+{
+  "mcpServers": {
+    "context7": {
+      "command": "npx",
+      "args": ["-y", "@upstash/context7-mcp@latest"]
+    },
+    "cloudflare": {
+       "command": "npx",
+       "args": ["mcp-remote", "https://docs.mcp.cloudflare.com/sse"]
+    },
+    "aws-api-mcp-server": {
+      "command": "uvx",
+      "args": ["awslabs.aws-api-mcp-server@latest"],
+      "env": {
+        "AWS_REGION": "ap-northeast-2"
+      }
+    },
+    "aws-knowledge-mcp-server": {
+      "command": "uvx",
+      "args": [
+        "mcp-proxy",
+        "--transport", 
+        "streamablehttp",
+        "https://knowledge-mcp.global.api.aws"
+      ]
+    },
+    "aws-serverless-mcp-server": {
+      "command": "uvx",
+      "args": [
+        "awslabs.aws-serverless-mcp-server@latest",
+        "--allow-write",
+        "--allow-sensitive-data-access"
+      ],
+      "env": {
+        "AWS_REGION": "ap-northeast-2"
+      }
+    }
+  }
+}