diff --git a/modules/cloudfront/default/0.1/facets.yaml b/modules/cloudfront/default/0.1/facets.yaml index 61237e07c..2ed6534b7 100644 --- a/modules/cloudfront/default/0.1/facets.yaml +++ b/modules/cloudfront/default/0.1/facets.yaml @@ -14,7 +14,7 @@ spec: title: Aliases description: Aliases for CloudFront x-ui-yaml-editor: true - x-ui-placeholder: "Enter a wildcard domain" + x-ui-placeholder: Enter a wildcard domain example alias1 "example.com" viewer_certificate: type: object title: Viewer Certificate @@ -24,13 +24,46 @@ spec: type: string title: ACM Certificate ARN description: ARN of the ACM Certificate - x-ui-placeholder: "Enter the ACM certificate ARN" + pattern: ^arn:aws:acm:[a-z0-9-]+:[0-9]+:certificate/[a-f0-9-]+$ + x-ui-placeholder: arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012 + cloudfront_default_certificate: + type: boolean + title: Use CloudFront Default Certificate + description: Whether to use the default CloudFront certificate + default: true + iam_certificate_id: + type: string + title: IAM Certificate ID + description: The ID of the IAM certificate to use for the viewer certificate + x-ui-placeholder: Enter the IAM certificate ID + minimum_protocol_version: + type: string + title: Minimum Protocol version + description: Minimum SSL/TLS protocol version that you want CloudFront to + use for HTTPS connections + enum: + - TLSv1 + - TLSv1.1_2016 + - TLSv1.2_2018 + - TLSv1.2_2021 + - TLSv1.3 + default: TLSv1 + ssl_support_method: + type: string + title: SSL Support Method + description: The method that you want CloudFront to use to serve HTTPS + default: sni-only + enum: + - sni-only + - vip + - static-ip + x-ui-placeholder: Enter the SSL support method origins: type: object title: Origins - description: Specify the origin where CloudFront sends requests for the files + description: One or more origins for this distribution. patternProperties: - '^[a-zA-Z0-9_.-]*$': + ^[a-zA-Z0-9_.-]*$: type: object title: Origin description: Origin configuration @@ -39,9 +72,82 @@ spec: type: string title: Domain Name description: Domain name of the origin - x-ui-placeholder: "Enter the domain name of the origin" - x-ui-error-message: "Value doesn't match pattern, it should be domain - name eg: test.s3.ap-south-1.amazonaws.com" + x-ui-placeholder: Enter the domain name of the origin example.com or + mybucket.s3.amazonaws.com + origin_path: + type: string + title: Origin Path + description: Optional path that CloudFront appends to the origin domain + name when CloudFront requests content from the origin + x-ui-placeholder: Enter the origin path exmaple '/v1/api' + default: '' + connection_attempts: + type: integer + title: Connection Attempts + description: Number of times that you want CloudFront to retry when + the origin returns a 5xx HTTP status code + minimum: 1 + maximum: 3 + connection_timeout: + type: integer + title: Connection Timeout + description: Amount of time, in seconds, that you want CloudFront to + wait when trying to establish a connection to the origin + minimum: 1 + maximum: 10 + custom_origin_config: + type: object + title: Custom Origin Configuration + description: Configuration for custom origins (non-S3) + properties: + http_port: + type: number + title: HTTP Port + description: HTTP port the custom origin listens on + https_port: + type: number + title: HTTPS Port + description: HTTPS port the custom origin listens on + origin_protocol_policy: + type: string + title: Origin Protocol Policy + description: Protocol to use when connecting to the origin + enum: + - http-only + - https-only + - match-viewer + origin_ssl_protocols: + type: array + title: Origin SSL Protocols + description: SSL/TLS protocols that CloudFront can use when connecting + via HTTPS + items: + type: string + enum: + - SSLv3 + - TLSv1 + - TLSv1.1 + - TLSv1.2 + x-ui-override-disable: true + origin_keepalive_timeout: + type: integer + title: Origin Keepalive Timeout + description: Amount of time, in seconds, that you want CloudFront + to wait for a response from the origin + minimum: 1 + maximum: 60 + origin_read_timeout: + type: integer + title: Origin Read Timeout + description: Amount of time, in seconds, that you want CloudFront + to wait for a response from the origin + minimum: 1 + maximum: 60 + custom_header: + type: object + title: Custom Headers + description: Custom headers to add to origin requests + x-ui-yaml-editor: true cache_policies: type: object title: Cache Policies @@ -64,6 +170,23 @@ spec: type: integer title: Default time to live in seconds. description: Default TTL + trusted_signers: + type: array + title: Trusted Signers + description: AWS account IDs that can create signed URLs for private + content + items: + type: string + default: [] + x-ui-override-disable: true + trusted_key_groups: + type: array + title: Trusted Key Groups + description: Key groups that can sign URLs for private content + items: + type: string + default: [] + x-ui-override-disable: true parameters_in_cache_key_and_forwarded_to_origin: type: object title: Parameters @@ -90,7 +213,7 @@ spec: type: array title: Cookies description: Contains a list of cookie names - x-ui-placeholder: "Enter the cookie name" + x-ui-placeholder: Enter the cookie name items: type: string x-ui-override-disable: true @@ -115,7 +238,7 @@ spec: type: string x-ui-override-disable: true description: List of HTTP header names - x-ui-placeholder: "Enter the header name" + x-ui-placeholder: Enter the header name query_strings_config: type: object title: Query Strings Config @@ -137,7 +260,7 @@ spec: type: array title: Query Strings description: Contains a list of query string names - x-ui-placeholder: "Enter the header name" + x-ui-placeholder: Enter the header name items: type: string x-ui-override-disable: true @@ -160,13 +283,13 @@ spec: type: string title: Cache Policy Name description: Name of the cache policy - x-ui-placeholder: "Enter the cache policy name" + x-ui-placeholder: Enter the cache policy name example my-cache-policy target_origin_id: type: string title: Target Origin ID - description: The value of ID for the origin that you want CloudFront to - route requests to - x-ui-placeholder: "Enter the target origin ID" + description: The origin ID to route requests to (must match an origin key) + x-ui-placeholder: Enter the target origin ID + default: '' allowed_methods: type: array title: Allowed Methods @@ -199,7 +322,7 @@ spec: title: Ordered Cache Behaviors description: Ordered cache behaviors configuration patternProperties: - '^[a-zA-Z0-9_.-]*$': + ^[a-zA-Z0-9_.-]*$: type: object title: Cache Behavior description: Cache behavior configuration @@ -208,19 +331,19 @@ spec: type: string title: Cache Policy Name description: Name of the cache policy - x-ui-placeholder: "Enter the cache policy name" + x-ui-placeholder: Enter the cache policy name path_pattern: type: string title: Path Pattern description: The pattern that specifies which requests to apply the behavior to - x-ui-placeholder: "Enter the path pattern" + x-ui-placeholder: Enter the path pattern example '/api/*' target_origin_id: type: string title: Target Origin ID description: The value of ID for the origin that you want CloudFront - to route requests to - x-ui-placeholder: "Enter the target origin ID" + to route requests to (must match origin key) + x-ui-placeholder: Enter the target origin ID viewer_protocol_policy: type: string title: Viewer Protocol Policy @@ -253,64 +376,79 @@ spec: title: Compress description: Determines whether you want CloudFront to automatically compress certain files for this cache behavior. + origin_request_policy_id: + type: string + title: Origin Request Policy ID + description: The ID of the origin request policy that you want to associate + with this cache behavior + x-ui-placeholder: Enter the origin request policy ID + response_headers_policy_id: + type: string + title: Response Headers Policy ID + description: The ID of the response headers policy that you want to + associate with this cache behavior + x-ui-placeholder: Enter the response headers policy ID aws_waf_id: type: string title: AWS WAF ID description: Web Application Firewall ID - x-ui-placeholder: "Enter the AWS WAF ID" + x-ui-placeholder: Enter the AWS WAF ID +inputs: + network_details: + optional: false + type: '@outputs/aws_vpc' + default: + resource_type: kubernetes_cluster + resource_name: default +outputs: + default: + type: '@outputs/ingress' sample: version: '0.1' flavor: default kind: cloudfront lifecycle: ENVIRONMENT - disabled: false + disabled: true provided: false depends_on: [] metadata: - name: "" + name: sample-cloudfront spec: - aliases: - alias1: "*.example.com" - viewer_certificate: - acm_certificate_arn: "" origins: origin1: - domain_name: "" - origin2: - domain_name: "" + domain_name: example.com + connection_attempts: 3 + connection_timeout: 10 + custom_origin_config: + http_port: 80 + https_port: 443 + origin_protocol_policy: https-only + origin_ssl_protocols: + - TLSv1.2 cache_policies: - sample_policy: - max_ttl: 60 - min_ttl: 10 - default_ttl: 30 + cache-name: + default_ttl: 5 + min_ttl: 1 + max_ttl: 10 parameters_in_cache_key_and_forwarded_to_origin: - cookies_config: - cookie_behavior: "whitelist" - cookies: - items: - - "" - headers_config: - header_behavior: "none" - query_strings_config: - query_string_behavior: "none" enable_accept_encoding_brotli: false enable_accept_encoding_gzip: false default_cache_behavior: - cache_policy_name: "" - target_origin_id: "" + cache_policy_name: cache-name + target_origin_id: origin1 allowed_methods: - GET - HEAD cached_methods: - GET - HEAD - viewer_protocol_policy: "allow-all" + viewer_protocol_policy: allow-all ordered_cache_behaviors: cache1: - cache_policy_name: "" - path_pattern: "/example/*" - target_origin_id: "" - viewer_protocol_policy: "redirect-to-https" + cache_policy_name: cache-name + path_pattern: /example/* + target_origin_id: origin1 + viewer_protocol_policy: redirect-to-https allowed_methods: - GET - HEAD @@ -318,4 +456,4 @@ sample: - GET - HEAD compress: true - waf_id: "" + waf_id: '' diff --git a/modules/cloudfront/default/0.1/locals.tf b/modules/cloudfront/default/0.1/locals.tf new file mode 100644 index 000000000..6e46a2370 --- /dev/null +++ b/modules/cloudfront/default/0.1/locals.tf @@ -0,0 +1,175 @@ +locals { + spec = lookup(var.instance, "spec", {}) + advanced = lookup(lookup(var.instance, "advanced", {}), "cloudfront", {}) + user_defined_tags = lookup(local.advanced, "tags", {}) + tags = merge(local.user_defined_tags, var.environment.cloud_tags) + create_origin_access_identity = lookup(local.advanced, "create_origin_access_identity", true) + + raw_aliases = lookup(local.spec, "aliases", "") + aliases = length(local.raw_aliases) > 0 ? [ + for k, v in local.spec.aliases : v + ] : [] + + raw_viewer_certificate = lookup(local.spec, "viewer_certificate", {}) + viewer_certificate = length(local.raw_viewer_certificate) > 0 ? { + acm_certificate_arn = lookup(local.raw_viewer_certificate, "acm_certificate_arn", null) + cloudfront_default_certificate = lookup(local.raw_viewer_certificate, "cloudfront_default_certificate", null) + iam_certificate_id = lookup(local.raw_viewer_certificate, "iam_certificate_id", null) + minimum_protocol_version = lookup(local.raw_viewer_certificate, "minimum_protocol_version", "TLSv1") + ssl_support_method = lookup(local.raw_viewer_certificate, "ssl_support_method", "sni-only") + } : { + cloudfront_default_certificate = true + minimum_protocol_version = "TLSv1" + } + + origins = local.spec.origins + + origin = { + for k, v in local.origins : + k => { + domain_name = v["domain_name"] + origin_path = lookup(v, "origin_path", "") + connection_attempts = lookup(v, "connection_attempts", null) + connection_timeout = lookup(v, "connection_timeout", null) + custom_origin_config = jsondecode(length(lookup(v, "custom_origin_config", {})) > 0 ? jsonencode({ + http_port = lookup(lookup(v, "custom_origin_config", {}), "http_port", null) + https_port = lookup(lookup(v, "custom_origin_config", {}), "https_port", null) + origin_protocol_policy = lookup(lookup(v, "custom_origin_config", {}), "origin_protocol_policy", null) + origin_ssl_protocols = lookup(lookup(v, "custom_origin_config", {}), "origin_ssl_protocols", null) + origin_keepalive_timeout = lookup(lookup(v, "custom_origin_config", {}), "origin_keepalive_timeout", null) + origin_read_timeout = lookup(lookup(v, "custom_origin_config", {}), "origin_read_timeout", null) + }) : jsonencode({})) + + custom_header = [ + for k, v in lookup(v, "custom_header", {}) : { + name = k + value = v + } + ] + + origin_shield = length(lookup(v, "origin_shield", {})) > 0 ? { + enabled = lookup(lookup(v, "origin_shield", {}), "enabled", null) + origin_shield_region = lookup(lookup(v, "origin_shield", {}), "origin_shield_region", null) + } : {} + + + s3_origin_config = length(lookup(v, "custom_origin_config", {})) <= 0 ? { + origin_access_identity = k + } : {} + } + } + + origin_access_identities = local.create_origin_access_identity ? { + for k, v in local.origins : k => "${k} origin access identity" + } : {} + + default_cache_behavior = { + use_forwarded_values = local.create_cache_policy ? false : lookup(local.spec.default_cache_behavior, "use_forwarded_values", true) + target_origin_id = local.spec.default_cache_behavior.target_origin_id + allowed_methods = local.spec.default_cache_behavior.allowed_methods + cached_methods = local.spec.default_cache_behavior.cached_methods + viewer_protocol_policy = local.spec.default_cache_behavior.viewer_protocol_policy + compress = lookup(local.spec.default_cache_behavior, "compress", null) + field_level_encryption_id = lookup(local.spec.default_cache_behavior, "field_level_encryption_id", null) + smooth_streaming = lookup(local.spec.default_cache_behavior, "smooth_streaming", null) + trusted_signers = lookup(local.spec.default_cache_behavior, "trusted_signers", []) + trusted_key_groups = lookup(local.spec.default_cache_behavior, "trusted_key_groups", []) + cache_policy_id = local.create_cache_policy && local.cache_policy_name != null ? lookup(local.cache_policy_ids, local.cache_policy_name, null) : lookup(local.spec.default_cache_behavior, "cache_policy_id", null) + origin_request_policy_id = lookup(local.spec.default_cache_behavior, "origin_request_policy_id", null) + response_headers_policy_id = lookup(local.spec.default_cache_behavior, "response_headers_policy_id", null) + realtime_log_config_arn = lookup(local.spec.default_cache_behavior, "realtime_log_config_arn", null) + min_ttl = lookup(local.spec.default_cache_behavior, "min_ttl", null) + default_ttl = lookup(local.spec.default_cache_behavior, "default_ttl", null) + max_ttl = lookup(local.spec.default_cache_behavior, "max_ttl", null) + + forwarded_values = [ + for k, v in lookup(local.spec.default_cache_behavior, "forwarded_values", {}) : { + query_string = lookup(v, "query_string", false) + query_string_cache_keys = lookup(v, "query_string_cache_keys", []) + headers = lookup(v, "headers", []) + cookies_forward = lookup(v, "cookies_forward", "none") + cookies_whitelisted_names = lookup(v, "cookies_whitelisted_names", null) + } + ] + + lambda_function_association = [ + for k, v in lookup(local.spec.default_cache_behavior, "lambda_function_association", {}) : { + event_type = v.event_type + lambda_arn = v.lambda_arn + include_body = lookup(v, "include_body", null) + } + ] + + function_association = [ + for k, v in lookup(local.spec.default_cache_behavior, "function_association", {}) : { + event_type = v.event_type + function_arn = v.function_arn + } + ] + } + + raw_ordered_cache_behaviors = lookup(local.spec, "ordered_cache_behaviors", lookup(local.advanced, "ordered_cache_behaviors", {})) + ordered_cache_behaviors = length(local.raw_ordered_cache_behaviors) > 0 ? [ + for k, v in local.raw_ordered_cache_behaviors : { + use_forwarded_values = local.create_cache_policy ? false : lookup(local.raw_ordered_cache_behaviors[k], "use_forwarded_values", true) + target_origin_id = local.raw_ordered_cache_behaviors[k].target_origin_id + path_pattern = lookup(local.raw_ordered_cache_behaviors[k], "path_pattern", null) + allowed_methods = local.raw_ordered_cache_behaviors[k].allowed_methods + cached_methods = local.raw_ordered_cache_behaviors[k].cached_methods + viewer_protocol_policy = local.raw_ordered_cache_behaviors[k].viewer_protocol_policy + compress = lookup(local.raw_ordered_cache_behaviors[k], "compress", null) + field_level_encryption_id = lookup(local.raw_ordered_cache_behaviors[k], "field_level_encryption_id", null) + smooth_streaming = lookup(local.raw_ordered_cache_behaviors[k], "smooth_streaming", null) + trusted_signers = lookup(local.raw_ordered_cache_behaviors[k], "trusted_signers", []) + trusted_key_groups = lookup(local.raw_ordered_cache_behaviors[k], "trusted_key_groups", []) + cache_policy_id = local.create_cache_policy ? lookup(local.cache_policy_ids, v.cache_policy_name, null) : lookup(local.raw_ordered_cache_behaviors[k], "cache_policy_id", null) + origin_request_policy_id = lookup(local.raw_ordered_cache_behaviors[k], "origin_request_policy_id", null) + response_headers_policy_id = lookup(local.raw_ordered_cache_behaviors[k], "response_headers_policy_id", null) + realtime_log_config_arn = lookup(local.raw_ordered_cache_behaviors[k], "realtime_log_config_arn", null) + min_ttl = lookup(local.raw_ordered_cache_behaviors[k], "min_ttl", null) + default_ttl = lookup(local.raw_ordered_cache_behaviors[k], "default_ttl", null) + max_ttl = lookup(local.raw_ordered_cache_behaviors[k], "max_ttl", null) + + forwarded_values = [ + for k, v in lookup(local.raw_ordered_cache_behaviors[k], "forwarded_values", {}) : { + query_string = lookup(v, "query_string", false) + query_string_cache_keys = lookup(v, "query_string_cache_keys", []) + headers = lookup(v, "headers", []) + cookies_forward = lookup(v, "cookies_forward", "none") + cookies_whitelisted_names = lookup(v, "cookies_whitelisted_names", null) + } + ] + + lambda_function_association = { + for k, v in lookup(local.raw_ordered_cache_behaviors[k], "lambda_function_association", {}) : k => { + event_type = v.event_type + lambda_arn = v.lambda_arn + include_body = lookup(v, "include_body", null) + } + } + + function_association = { + for k, v in lookup(local.raw_ordered_cache_behaviors[k], "function_association", {}) : k => { + event_type = v.event_type + function_arn = v.function_arn + } + } + } + ] : [] + + raw_custom_error_responses = lookup(local.advanced, "custom_error_responses", {}) + custom_error_responses = [ + for k, v in local.raw_custom_error_responses : { + error_code = v.error_code + response_code = lookup(v, "response_code", null) + response_page_path = lookup(v, "response_page_path", null) + error_caching_min_ttl = lookup(v, "error_caching_min_ttl", null) + } + ] + cache_policies = lookup(local.spec, "cache_policies", {}) + create_cache_policy = length(local.cache_policies) > 0 ? true : false + cache_policy_ids = length(local.cache_policies) > 0 ? { + for name, policy in aws_cloudfront_cache_policy.cloudfront : name => policy.id + } : {} + cache_policy_name = lookup(lookup(local.spec, "default_cache_behavior", {}), "cache_policy_name", null) +} diff --git a/modules/cloudfront/default/0.1/main.tf b/modules/cloudfront/default/0.1/main.tf new file mode 100644 index 000000000..182149555 --- /dev/null +++ b/modules/cloudfront/default/0.1/main.tf @@ -0,0 +1,73 @@ +module "cloudfront_name" { + source = "github.com/Facets-cloud/facets-utility-modules//name" + is_k8s = false + globally_unique = true + resource_name = var.instance_name + resource_type = "cloudfront" + limit = 53 + environment = var.environment +} + + +module "cloudfront" { + source = "terraform-aws-modules/cloudfront/aws" + version = "2.9.3" + + # Required inputs as per module + aliases = local.aliases + comment = lookup(local.advanced, "comment", "${module.cloudfront_name.name} CloudFront") + default_cache_behavior = local.default_cache_behavior + default_root_object = lookup(local.advanced, "default_root_object", null) + is_ipv6_enabled = lookup(local.advanced, "is_ipv6_enabled", true) + origin = local.origin + price_class = lookup(local.advanced, "price_class", "PriceClass_All") + tags = local.tags + web_acl_id = lookup(local.spec, "aws_waf_id", lookup(local.advanced, "web_acl_id", null)) + + # Optional inputs as per module + create_distribution = lookup(local.advanced, "create_distribution", true) + create_monitoring_subscription = lookup(local.advanced, "create_monitoring_subscription", false) + create_origin_access_identity = local.create_origin_access_identity + custom_error_response = local.custom_error_responses + enabled = lookup(local.advanced, "enabled", true) + geo_restriction = lookup(local.advanced, "geo_restriction", {}) + http_version = lookup(local.advanced, "http_version", "http2") + logging_config = lookup(local.advanced, "logging_config", {}) + ordered_cache_behavior = local.ordered_cache_behaviors + origin_access_identities = local.origin_access_identities + origin_group = lookup(local.advanced, "origin_group", {}) + realtime_metrics_subscription_status = lookup(local.advanced, "realtime_metrics_subscription_status", "Enabled") + retain_on_delete = lookup(local.advanced, "retain_on_delete", false) + viewer_certificate = local.viewer_certificate + wait_for_deployment = lookup(local.advanced, "wait_for_deployment", true) +} + +resource "aws_cloudfront_cache_policy" "cloudfront" { + for_each = local.cache_policies + name = each.key + default_ttl = lookup(each.value, "default_ttl", null) + min_ttl = lookup(each.value, "min_ttl", null) + max_ttl = lookup(each.value, "max_ttl", null) + parameters_in_cache_key_and_forwarded_to_origin { + cookies_config { + cookie_behavior = lookup(lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "cookies_config", {}), "cookie_behavior", "none") + cookies { + items = lookup(lookup(lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "cookies_config", {}), "cookies", {}), "items", []) + } + } + headers_config { + header_behavior = lookup(lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "headers_config", {}), "header_behavior", "none") + headers { + items = lookup(lookup(lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "headers_config", {}), "headers", {}), "items", []) + } + } + query_strings_config { + query_string_behavior = lookup(lookup(lookup(each.value, "local.parameters_in_cache_key_and_forwarded_to_origin", {}), "query_strings_config", {}), "query_string_behavior", "none") + query_strings { + items = lookup(lookup(lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "query_strings_config", {}), "query_strings", {}), "items", []) + } + } + enable_accept_encoding_brotli = lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "enable_accept_encoding_brotli", false) + enable_accept_encoding_gzip = lookup(lookup(each.value, "parameters_in_cache_key_and_forwarded_to_origin", {}), "enable_accept_encoding_gzip", false) + } +} diff --git a/modules/cloudfront/default/0.1/outputs.tf b/modules/cloudfront/default/0.1/outputs.tf new file mode 100644 index 000000000..dfc854b1f --- /dev/null +++ b/modules/cloudfront/default/0.1/outputs.tf @@ -0,0 +1,79 @@ +# Define your outputs here +locals { + output_interfaces = {} + output_attributes = { + cloudfront_distribution_arn = module.cloudfront.cloudfront_distribution_arn + cloudfront_distribution_domain_name = module.cloudfront.cloudfront_distribution_domain_name + cloudfront_distribution_etag = module.cloudfront.cloudfront_distribution_etag + cloudfront_distribution_id = module.cloudfront.cloudfront_distribution_id + cloudfront_distribution_last_modified_time = module.cloudfront.cloudfront_distribution_last_modified_time + cloudfront_origin_access_identities = { + for k, v in module.cloudfront.cloudfront_origin_access_identities : k => v.iam_arn + } + } +} + +# For testing +output "cloudfront_distribution_arn" { + value = module.cloudfront.cloudfront_distribution_arn +} + +output "cloudfront_distribution_caller_reference" { + value = module.cloudfront.cloudfront_distribution_caller_reference +} + +output "cloudfront_distribution_domain_name" { + value = module.cloudfront.cloudfront_distribution_domain_name +} + +output "cloudfront_distribution_etag" { + value = module.cloudfront.cloudfront_distribution_etag +} + +output "cloudfront_distribution_hosted_zone_id" { + value = module.cloudfront.cloudfront_distribution_hosted_zone_id +} + +output "cloudfront_distribution_id" { + value = module.cloudfront.cloudfront_distribution_id +} + +output "cloudfront_distribution_in_progress_validation_batches" { + value = module.cloudfront.cloudfront_distribution_in_progress_validation_batches +} + +output "cloudfront_distribution_last_modified_time" { + value = module.cloudfront.cloudfront_distribution_last_modified_time +} + +output "cloudfront_distribution_status" { + value = module.cloudfront.cloudfront_distribution_status +} + + +output "cloudfront_distribution_tags" { + value = module.cloudfront.cloudfront_distribution_tags +} + + +output "cloudfront_distribution_trusted_signers" { + value = module.cloudfront.cloudfront_distribution_trusted_signers +} + + +output "cloudfront_monitoring_subscription_id" { + value = module.cloudfront.cloudfront_monitoring_subscription_id +} + + +output "cloudfront_origin_access_identities" { + value = module.cloudfront.cloudfront_origin_access_identities +} + +output "cloudfront_origin_access_identity_iam_arns" { + value = module.cloudfront.cloudfront_origin_access_identity_iam_arns +} + +output "cloudfront_origin_access_identity_ids" { + value = module.cloudfront.cloudfront_origin_access_identity_ids +} diff --git a/modules/cloudfront/default/0.1/variables.tf b/modules/cloudfront/default/0.1/variables.tf new file mode 100644 index 000000000..878f2f294 --- /dev/null +++ b/modules/cloudfront/default/0.1/variables.tf @@ -0,0 +1,28 @@ + + + +variable "inputs" { + type = any + +} + + + + +variable "instance" { + type = any + default = {} +} + +variable "instance_name" { + type = string + default = "test_instance" +} + + +variable "environment" { + type = any + default = { + namespace = "default" + } +}