Merge pull request #2 from lean-delivery/develop
Release 1.0.0
Showing
5 changed files
with
320 additions
and
0 deletions.
@@ -1,2 +1,68 @@ | ||
# tf-module-aws-s3-cf-acm | ||
Terraform module for static site with SSL | ||
required_version = ">= 0.12" | ||
|
||
## Usage | ||
```hcl | ||
module "s3-cf-acm" { | ||
source = "[email protected]:lean-delivery/tf-module-aws-s3-cf-acm.git" | ||
namespace = "test" | ||
stage = "test" | ||
name = "cf-bucket" | ||
parent_zone_name = "example.com" | ||
acm_tags = { | ||
Name = "Example" | ||
} | ||
domain = "static.example.com" | ||
use_regional_s3_endpoint = "true" | ||
origin_bucket = "S3-static-files-content" | ||
origin_force_destroy = "yes" | ||
default_root_object = "index.html" | ||
} | ||
``` | ||
## Inputs | ||
|
||
| Name | Description | Type | Default | Required | | ||
|------|-------------|:----:|:-----:|:-----:| | ||
| acm\_certificate\_arn | Existing ACM Certificate ARN | string | `""` | no | | ||
| acm\_tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map | `<map>` | no | | ||
| aliases | List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront | list | `<list>` | no | | ||
| alternative\_names | Domian name alternatives for ACM certificate | list | `<list>` | no | | ||
| bucket\_domain\_format | Format of bucket domain name | string | `"%s.s3.amazonaws.com"` | no | | ||
| default\_root\_object | Object that CloudFront return when requests the root URL | string | `"index.html"` | no | | ||
| default\_ttl | Default amount of time (in seconds) that an object is in a CloudFront cache | string | `"60"` | no | | ||
| domain | A domain name for which certificate will be created | string | n/a | yes | | ||
| enabled | Select Enabled if you want CloudFront to begin processing requests as soon as the distribution is created, or select Disabled if you do not want CloudFront to begin processing requests after the distribution is created. | string | `"true"` | no | | ||
| lambda\_function\_association | A config block that triggers a lambda function with specific actions | list | `<list>` | no | | ||
| log\_expiration\_days | Number of days after which to expunge the objects | string | `"90"` | no | | ||
| log\_glacier\_transition\_days | Number of days after which to move the data to the glacier storage tier | string | `"60"` | no | | ||
| log\_include\_cookies | Include cookies in access logs | string | `"false"` | no | | ||
| log\_prefix | Path of logs in S3 bucket | string | `""` | no | | ||
| log\_standard\_transition\_days | Number of days to persist in the standard storage tier before moving to the glacier tier | string | `"30"` | no | | ||
| max\_ttl | Maximum amount of time (in seconds) that an object is in a CloudFront cache | string | `"31536000"` | no | | ||
| min\_ttl | Minimum amount of time that you want objects to stay in CloudFront caches | string | `"0"` | no | | ||
| name | Name of static content (forming bucket name) | string | n/a | yes | | ||
| namespace | Namespace (forming bucket name) | string | n/a | yes | | ||
| origin\_bucket | Name of S3 bucket | string | `""` | no | | ||
| origin\_force\_destroy | Delete all objects from the bucket so that the bucket can be destroyed without error (e.g. `true` or `false`) | string | `"false"` | no | | ||
| parent\_zone\_id | ID of the hosted zone to contain this record (or specify `parent_zone_name`) | string | `""` | no | | ||
| parent\_zone\_name | Name of the hosted zone to contain this record (or specify parent_zone_id) | string | n/a | yes | | ||
| price\_class | Price class for this distribution: `PriceClass_All`, `PriceClass_200`, `PriceClass_100` | string | `"PriceClass_100"` | no | | ||
| stage | Stage of environment (e.g. `dev` or `prod`) (forming bucket name) | string | `"dev"` | no | | ||
| tags | Additional tags (e.g. map(`BusinessUnit`,`XYZ`) | map | `<map>` | no | | ||
| use\_regional\_s3\_endpoint | When set to 'true' the s3 origin_bucket will use the regional endpoint address instead of the global endpoint address | string | `"false"` | no | | ||
| web\_acl\_id | ID of the AWS WAF web ACL that is associated with the distribution | string | `""` | no | | ||
|
||
## Outputs | ||
|
||
| Name | Description | | ||
|------|-------------| | ||
| cf\_arn | ARN of AWS CloudFront distribution | | ||
| cf\_domain\_name | Domain name corresponding to the distribution | | ||
| cf\_etag | Current version of the distribution's information | | ||
| cf\_hosted\_zone\_id | CloudFront Route 53 zone ID | | ||
| cf\_id | ID of AWS CloudFront distribution | | ||
| cf\_status | Current status of the distribution | | ||
| s3\_bucket | Name of S3 bucket | | ||
| s3\_bucket\_domain\_name | Domain of S3 bucket | |
@@ -0,0 +1,55 @@ | ||
provider "aws" { | ||
region = "us-east-1" | ||
alias = "acm_provider" | ||
} | ||
|
||
data "aws_route53_zone" "selected" { | ||
name = var.parent_zone_name | ||
} | ||
|
||
module "aws-cert" { | ||
source = "terraform-aws-modules/acm/aws" | ||
version = "~> v2.0" | ||
|
||
domain_name = var.domain | ||
zone_id = data.aws_route53_zone.selected.zone_id | ||
|
||
subject_alternative_names = var.alternative_names | ||
|
||
tags = var.acm_tags | ||
} | ||
|
||
data "aws_acm_certificate" "this" { | ||
domain = var.domain | ||
statuses = ["ISSUED", "PENDING_VALIDATION"] | ||
provider = aws.acm_provider | ||
|
||
depends_on = [module.aws-cert] | ||
} | ||
|
||
module "cdn" { | ||
source = "git::https://github.com/cloudposse/terraform-aws-cloudfront-s3-cdn.git?ref=0.11.0" | ||
namespace = var.namespace | ||
stage = var.stage | ||
name = var.name | ||
aliases = concat([var.domain], var.alternative_names) | ||
parent_zone_name = var.parent_zone_name | ||
acm_certificate_arn = data.aws_acm_certificate.this.arn | ||
default_root_object = var.default_root_object | ||
default_ttl = var.default_ttl | ||
enabled = var.enabled | ||
lambda_function_association = var.lambda_function_association | ||
log_expiration_days = var.log_expiration_days | ||
log_glacier_transition_days = var.log_glacier_transition_days | ||
log_include_cookies = var.log_include_cookies | ||
log_prefix = var.log_prefix | ||
log_standard_transition_days = var.log_standard_transition_days | ||
max_ttl = var.max_ttl | ||
min_ttl = var.min_ttl | ||
price_class = var.price_class | ||
tags = var.tags | ||
use_regional_s3_endpoint = var.use_regional_s3_endpoint | ||
web_acl_id = var.web_acl_id | ||
origin_force_destroy = "true" | ||
} | ||
|
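Review bot: `origin_force_destroy = "true"` at the end of the `cdn` module call is hard-coded, so the `origin_force_destroy` input (declared with default `"false"`) is ignored and a destroy always empties the origin bucket; pass `origin_force_destroy = var.origin_force_destroy` instead. Separately, `module "aws-cert"` is not given the `aws.acm_provider` alias (us-east-1), while the `aws_acm_certificate` data source that reads the result is. Unless the caller's default region is also us-east-1, the lookup will likely not find the certificate that was just requested, so add `providers = { aws = aws.acm_provider }` to the module block. Accepting `PENDING_VALIDATION` in `statuses`, combined with a lookup by domain name only, also means the distribution can be handed a certificate that is not yet issued or is not the one this module created.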
@@ -0,0 +1,40 @@ | ||
output "cf_id" { | ||
value = module.cdn.cf_id | ||
description = "ID of AWS CloudFront distribution" | ||
} | ||
|
||
output "cf_arn" { | ||
value = module.cdn.cf_arn | ||
description = "ARN of AWS CloudFront distribution" | ||
} | ||
|
||
output "cf_status" { | ||
value = module.cdn.cf_status | ||
description = "Current status of the distribution" | ||
} | ||
|
||
output "cf_domain_name" { | ||
value = module.cdn.cf_domain_name | ||
description = "Domain name corresponding to the distribution" | ||
} | ||
|
||
output "cf_etag" { | ||
value = module.cdn.cf_etag | ||
description = "Current version of the distribution's information" | ||
} | ||
|
||
output "cf_hosted_zone_id" { | ||
value = module.cdn.cf_hosted_zone_id | ||
description = "CloudFront Route 53 zone ID" | ||
} | ||
|
||
output "s3_bucket" { | ||
value = module.cdn.s3_bucket | ||
description = "Name of S3 bucket" | ||
} | ||
|
||
output "s3_bucket_domain_name" { | ||
value = module.cdn.s3_bucket_domain_name | ||
description = "Domain of S3 bucket" | ||
} | ||
|
@@ -0,0 +1,155 @@ | ||
variable "namespace" { | ||
description = "Namespace (forming bucket name)" | ||
type = string | ||
} | ||
|
||
variable "stage" { | ||
description = "Stage of environment (e.g. `dev` or `prod`) (forming bucket name)" | ||
type = string | ||
default = "dev" | ||
} | ||
|
||
variable "name" { | ||
description = "Name of static content (forming bucket name)" | ||
type = string | ||
} | ||
|
||
variable "parent_zone_name" { | ||
description = "Name of the hosted zone to contain this record (or specify parent_zone_id)" | ||
type = string | ||
} | ||
|
||
variable "aliases" { | ||
type = list(string) | ||
description = "List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront" | ||
default = [] | ||
} | ||
|
||
variable "domain" { | ||
description = "A domain name for which certificate will be created" | ||
type = string | ||
} | ||
|
||
variable "alternative_names" { | ||
description = "Domian name alternatives for ACM certificate" | ||
type = list(string) | ||
default = [] | ||
} | ||
|
||
variable "acm_tags" { | ||
type = map(string) | ||
default = {} | ||
description = "Additional tags (e.g. map(`BusinessUnit`,`XYZ`)" | ||
} | ||
|
||
variable "tags" { | ||
type = map(string) | ||
default = {} | ||
description = "Additional tags (e.g. map(`BusinessUnit`,`XYZ`)" | ||
} | ||
|
||
variable "enabled" { | ||
default = true | ||
type = bool | ||
description = "Select Enabled if you want CloudFront to begin processing requests as soon as the distribution is created, or select Disabled if you do not want CloudFront to begin processing requests after the distribution is created." | ||
} | ||
|
||
variable "acm_certificate_arn" { | ||
description = "Existing ACM Certificate ARN" | ||
type = string | ||
default = "" | ||
} | ||
|
||
variable "use_regional_s3_endpoint" { | ||
type = bool | ||
description = "When set to 'true' the s3 origin_bucket will use the regional endpoint address instead of the global endpoint address" | ||
default = false | ||
} | ||
|
||
variable "origin_bucket" { | ||
default = "" | ||
type = string | ||
description = "Name of S3 bucket" | ||
} | ||
|
||
variable "origin_force_destroy" { | ||
default = "false" | ||
description = "Delete all objects from the bucket so that the bucket can be destroyed without error (e.g. `true` or `false`)" | ||
} | ||
|
||
variable "bucket_domain_format" { | ||
default = "%s.s3.amazonaws.com" | ||
description = "Format of bucket domain name" | ||
} | ||
|
||
variable "default_root_object" { | ||
default = "index.html" | ||
description = "Object that CloudFront return when requests the root URL" | ||
} | ||
|
||
variable "log_include_cookies" { | ||
default = "false" | ||
description = "Include cookies in access logs" | ||
} | ||
|
||
variable "log_prefix" { | ||
default = "" | ||
description = "Path of logs in S3 bucket" | ||
} | ||
|
||
variable "log_standard_transition_days" { | ||
description = "Number of days to persist in the standard storage tier before moving to the glacier tier" | ||
default = "30" | ||
} | ||
|
||
variable "log_glacier_transition_days" { | ||
description = "Number of days after which to move the data to the glacier storage tier" | ||
default = "60" | ||
} | ||
|
||
variable "log_expiration_days" { | ||
description = "Number of days after which to expunge the objects" | ||
default = "90" | ||
} | ||
|
||
variable "price_class" { | ||
default = "PriceClass_100" | ||
description = "Price class for this distribution: `PriceClass_All`, `PriceClass_200`, `PriceClass_100`" | ||
} | ||
|
||
variable "default_ttl" { | ||
default = "60" | ||
description = "Default amount of time (in seconds) that an object is in a CloudFront cache" | ||
} | ||
|
||
variable "min_ttl" { | ||
default = "0" | ||
description = "Minimum amount of time that you want objects to stay in CloudFront caches" | ||
} | ||
|
||
variable "max_ttl" { | ||
default = "31536000" | ||
description = "Maximum amount of time (in seconds) that an object is in a CloudFront cache" | ||
} | ||
|
||
variable "parent_zone_id" { | ||
default = "" | ||
description = "ID of the hosted zone to contain this record (or specify `parent_zone_name`)" | ||
} | ||
|
||
variable "lambda_function_association" { | ||
type = list(object({ | ||
event_type = string | ||
include_body = bool | ||
lambda_arn = string | ||
})) | ||
default = [] | ||
description = "A config block that triggers a lambda function with specific actions" | ||
} | ||
|
||
variable "web_acl_id" { | ||
type = string | ||
default = "" | ||
description = "ID of the AWS WAF web ACL that is associated with the distribution" | ||
} | ||
|
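Review bot: Several inputs declared here are never referenced by the module body shown on this page: `acm_certificate_arn`, `origin_bucket`, `bucket_domain_format`, `parent_zone_id` and `aliases`. A caller who sets `acm_certificate_arn` to reuse an existing certificate, or `origin_bucket` as in the README example, gets no error and no effect, which is easy to miss in review. Either wire them through or drop them until they are supported. The variables from `origin_force_destroy` down to `parent_zone_id` also have no `type`, and quoted defaults such as `"false"` and `"30"` let values like the README's `"yes"` through unchecked; adding `type = bool` or `type = number` would reject those at plan time.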
@@ -0,0 +1,4 @@ | ||
|
||
terraform { | ||
required_version = ">= 0.12" | ||
} |