Skip to content

zoitech/terraform-aws-cloudfront

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

35 Commits
CHANGELOG.md
CHANGELOG.md
 
 
README.md
README.md
 
 
cloudfront.tf
cloudfront.tf
 
 
outputs.tf
outputs.tf
 
 
provider.tf
provider.tf
 
 
variables.tf
variables.tf
 
 
versions.tf
versions.tf
 
 

Repository files navigation

AWS Application Load Balancer Module

Terraform module which sets up a CloudFront distribution with logging into S3.

The following resources are created:

  • CloudFront

Usage

Specify this Module as Source

module "my_cloudfront" {
  source = "git::https://github.com/zoitech/terraform-aws-cloudfront.git"

  # Or to specifiy a particular module version:
  source = "git::https://github.com/zoitech/terraform-aws-cloudfront.git?ref=2.0.0"

Usage Example

module "my_cloudfront" {
  source          = "git::https://github.com/zoitech/terraform-aws-cloudfront.git"
  dns_domain_name = "mydomain.s3.amazonaws.com"
  origin_path     = "/mypath"
  origin_id       = "s3-myorigin"

  #s3_origin_config - origin_access_identity
  state_enabled       = true
  is_ipv6_enabled     = false
  comment             = "Environment=Prod"
  default_root_object = "index.html"

  # Logging into S3
  logging_config_include_cookies = false
  logging_config_bucket          = "mylogbucket.s3.amazonaws.com"
  logging_config_prefix          = "s3-my-origin-id"

  # Aliases 
  aliases = ["myalias.mywebsite.com"]

  # Default Cache Behavior Settings
  default_cache_behavior_allowed_methods = ["GET", "HEAD"]
  default_cache_behavior_cached_methods  = ["GET", "HEAD"]
  default_cache_behavior_forwarded_values_headers = ["origin"]
  target_origin_id                       = "s3-my-origin-id"
  viewer_protocol_policy                 = "redirect-to-https"
  price_class                            = "PriceClass_100"

  # Custom Error Response
  custom_error_response = [
    {
    error_caching_min_ttl = "86400"          #Optional
    error_code            = "404"            #Required
    response_code         = "200"            #Optional
    response_page_path    = "/index.html"}   #Optional
  ]
  
  # Geo Restrictions
  restriction_type = "none"

  # Certificate
  acm_certificate_arn      = data.aws_acm_certificate.my_acm_certificate.arn
  minimum_protocol_version = "TLSv1.1_2016"
  ssl_support_method       = "sni-only"
}

Outputs

The following outputs are possible:

  • domain_name (The domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net)
  • hosted_zone_id (The CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.)

Requirements

Name Version
terraform >= 0.13

Providers

Name Version
aws n/a

Modules

No modules.

Resources

Name Type
aws_cloudfront_distribution.distribution resource

Inputs

Name Description Type Default Required
acm_certificate_arn The ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1. any n/a yes
aliases (Optional) - Extra CNAMEs (alternate domain names), if any, for this distribution. list(string) n/a yes
comment (Optional) - Any comments you want to include about the distribution. any n/a yes
custom_error_response (Optional) - One or more custom error response elements (multiples allowed). any [] no
default_cache_behavior_allowed_methods (Required) - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. list(string) n/a yes
default_cache_behavior_cached_methods (Required) - Controls whether CloudFront caches the response to requests using the specified HTTP methods. list(string) n/a yes
default_cache_behavior_forwarded_values_headers (Required) - Specifies the Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers. list(string) n/a yes
default_root_object (Optional) - The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. string "index.html" no
dns_domain_name (Required) - The DNS domain name of either the S3 bucket, or web site of your custom origin. any n/a yes
is_ipv6_enabled (Optional) - Whether the IPv6 is enabled for the distribution. bool false no
logging_config_bucket (Required) - The Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com. any n/a yes
logging_config_include_cookies (Optional) - Specifies whether you want CloudFront to include cookies in access logs (default: false). bool false no
logging_config_prefix (Optional) - An optional string that you want CloudFront to prefix to the access log filenames for this distribution, for example, myprefix/. any n/a yes
minimum_protocol_version The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. One of SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016 or TLSv1.2_2018. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified. any n/a yes
origin_id (Required) - A unique identifier for the origin. any n/a yes
origin_path (Optional) - An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. string "" no
price_class (Optional) - The price class for this distribution. One of PriceClass_All, PriceClass_200, PriceClass_100 any n/a yes
region region string "eu-west-1" no
restriction_locations (Optional) - The ISO 3166-1-alpha-2 codes for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). list(string) [] no
restriction_type (Required) - The method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist. string "none" no
ssl_support_method Specifies how you want CloudFront to serve HTTPS requests. One of vip or sni-only. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges. any n/a yes
state_enabled (Required) - Whether the distribution is enabled to accept end user requests for content. bool true no
tags Tags to be added to the distribution map(string) {} no
target_origin_id (Required) - The value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior. any n/a yes
viewer_protocol_policy (Required) - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https. any n/a yes

Outputs

Name Description
cf_arn n/a
cf_id n/a
domain_name n/a
hosted_zone_id n/a

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

3 watching

Forks

4 forks
Report repository

Releases 5

Add tag variable for module Latest
Sep 20, 2024
+ 4 releases

Packages

No packages published

Contributors 6

Languages