datastreamapp/terraform-public-static-assets-module

Terraform App Endpoint

Creates a CloudFront distribution (with optional WAF and Lambda@Edge functions) and an S3 bucket.

Setup

Requirements

  • Edge provider in the root.

# CloudFront only accepts ACM certificates and Lambda@Edge functions from us-east-1
provider "aws" {
  profile = "${local.workspace["profile"]}-${local.workspace["env"]}"
  region  = "us-east-1"
  alias   = "edge"
}

  • ACM Certificate

data "aws_acm_certificate" "main" {
  provider = aws.edge
  domain   = "${var.env}-appname.example.com"
  statuses = ["ISSUED"]
}

  • Web Application Firewall (Optional)

module "waf" {
  source        = "git@github.com:willfarrell/terraform-waf-module"
  name          = local.workspace["name"]
  # Requests that match no rule are allowed
  defaultAction = "ALLOW"
  providers = {
    aws = aws.edge
  }
}

Module


module "logs" {
  source = "git@github.com:willfarrell/terraform-s3-logs-module?ref=v0.3.0"
  name   = "${local.workspace["name"]}-${terraform.workspace}-edge"
  tags = {
    Name = "Edge Logs"
  }
}

module "app" {
  source = "git@github.com:willfarrell/terraform-public-static-assets?ref=v0.2.1"

  name                = "${var.env}-myapp"
  aliases             = ["${var.env != "prod" ? "${var.env}-" : ""}appname.example.com"]
  acm_certificate_arn = data.aws_acm_certificate.main.arn
  web_acl_id          = module.waf.id

  # Lambda@Edge source, keyed by CloudFront event type
  lambda = {
    "origin-request"  = file("${path.module}/origin-request.js")
    "viewer-request"  = file("${path.module}/viewer-request.js")
    "viewer-response" = file("${path.module}/viewer-response.js")
    "origin-response" = file("${path.module}/origin-response.js")
  }
  error_codes = {
    404 = "/404.html"
  }

  # Same name as passed to the "logs" module above, with a -logs suffix
  logging_bucket = "${local.workspace["name"]}-${terraform.workspace}-edge-logs"

  providers = {
    aws = aws.edge
  }
}

Input

  • name: AWS S3 Bucket name. ${var.env}-${var.name}.
  • aliases: CloudFront Aliases.
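  • acm_certificate_arn: Domain certificate ARN.
  • web_acl_id: WAF ACL ID.
  • lambda: Map of Lambda@Edge function source, keyed by event type (origin-request, viewer-request, viewer-response, origin-response).
  • cors_origins: Origins to allow via CORS. [Default: ["*"]] The default allows any origin.
  • error_codes: Map of error codes to response page paths. [Default: none]
  • logging_bucket: Bucket ID where the logs should be sent.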
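
The `lambda` input takes the source of each Lambda@Edge function as a string. As an added example (not code from this module's repository), here is a `viewer-response.js` that adds browser security headers to every response. It assumes the module deploys the file with `handler` as the exported entry point; the header values and the `addSecurityHeaders` helper are constructed for illustration.

```javascript
// Headers added at the viewer-response stage. Values are a constructed
// baseline; tune the Content-Security-Policy to the assets you serve.
const SECURITY_HEADERS = {
  'Strict-Transport-Security': 'max-age=63072000; includeSubDomains',
  'X-Content-Type-Options': 'nosniff',
  'X-Frame-Options': 'DENY',
  'Referrer-Policy': 'strict-origin-when-cross-origin',
  'Content-Security-Policy': "default-src 'self'; object-src 'none'; frame-ancestors 'none'"
}

// CloudFront represents headers as { 'lowercase-name': [{ key, value }] }.
function addSecurityHeaders (response, { overwrite = false } = {}) {
  const headers = response.headers || (response.headers = {})
  for (const [key, value] of Object.entries(SECURITY_HEADERS)) {
    const name = key.toLowerCase()
    // Keep a header that is already present (for example one set by an
    // origin-response function) unless the caller asks to overwrite it.
    if (!overwrite && headers[name] && headers[name].length > 0) continue
    headers[name] = [{ key, value }]
  }
  return response
}

// Lambda@Edge entry point (assumed export name: handler).
const handler = async (event) => addSecurityHeaders(event.Records[0].cf.response)

// Constructed sample event, trimmed to the fields used here.
const sampleEvent = {
  Records: [{
    cf: {
      response: {
        status: '200',
        statusDescription: 'OK',
        headers: {
          'content-type': [{ key: 'Content-Type', value: 'text/html' }],
          'x-frame-options': [{ key: 'X-Frame-Options', value: 'SAMEORIGIN' }]
        }
      }
    }
  }]
}

// Export for the Lambda runtime (CommonJS).
if (typeof module !== 'undefined') module.exports = { handler, addSecurityHeaders }
```

With `overwrite: true` the baseline replaces any value set earlier in the request path, which is the stricter choice when no per-path exceptions are needed.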

Output

  • bucket: ${aws_s3_bucket.main.id} Full name of the S3 bucket.
  • id: ${aws_cloudfront_distribution.main.id} CloudFront Distribution Id for CI/CD to trigger cache clearing (aws cloudfront create-invalidation --distribution-id ${AWS_CLOUDFRONT_DISTRIBUTION_ID} --paths /index.html)
  • domain_name: ${aws_cloudfront_distribution.main.domain_name} CloudFront Domain Name for DNS updating.
  • hosted_zone_id: ${aws_cloudfront_distribution.main.hosted_zone_id} CloudFront Hosted Zone ID.

About

Terraform Module: CloudFront, ACM, S3