This module will create cdn endpoint with alias and SSL-certificate and optional Cloud Front functions.
| Name | Version |
|---|---|
| terraform | ~> 1.8 |
| aws | ~> 6.0 |
| Name | Version |
|---|---|
| aws | ~> 6.0 |
| Name | Source | Version |
|---|---|---|
| certificate | github.com/terraform-aws-modules/terraform-aws-acm | v5.2.0 |
| certificate-validations | github.com/terraform-aws-modules/terraform-aws-acm | v5.2.0 |
| cloudfront | github.com/terraform-aws-modules/terraform-aws-cloudfront | v5.0.0 |
| s3_origin | github.com/terraform-aws-modules/terraform-aws-s3-bucket | v5.6.0 |
| Name | Type |
|---|---|
| aws_acm_certificate_validation.this | resource |
| aws_cloudfront_function.functions | resource |
| aws_route53_record.additional_records | resource |
| aws_route53_record.ipv6 | resource |
| aws_route53_record.this | resource |
| aws_iam_policy_document.oac_policy | data source |
| aws_iam_policy_document.oai_policy | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| r53_hostname | Hostname for CloudFront alias | string |
n/a | yes |
| r53_zone_id | Route53 zone ID to be used for hostname and certificate validation | string |
n/a | yes |
| s3_bucket_config | S3 bucket configuration | object({ |
n/a | yes |
| additional_origins | One or more additional origins for this distribution (multiples allowed). | any |
{} |
no |
| additional_zones | Map containing the Route53 Zone IDs and hostnames for additional domains | map(object({ |
{} |
no |
| cdn_logging | Prefix in s3 bucket for cdn logs | string |
"" |
no |
| cf_functions | The Cloud Front function configuration {type = object{}} ie. {"viewer-request" = object{}} type: Allowed cf event types are viewer-request and viewer-response name: Name of the function comment: Description of the function code: Source code of the function assign: true for associating the function with the cf distribution, false to remove the association. (to remove the cf function firstly set it to false to dissociate from the cf distribution) |
map(object({ |
{} |
no |
| create | Whether to create the resources | bool |
true |
no |
| create_origin_access_control | Controls if CloudFront origin access control should be created | bool |
false |
no |
| create_origin_access_identity | Controls if CloudFront origin access identity should be created | bool |
true |
no |
| custom_error_response | One or more custom error response elements | list(object({ |
[] |
no |
| default_root_object | The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. | string |
null |
no |
| dns_ttl | dns ttl for the cert validation records | number |
60 |
no |
| extra_cloudfront_distributions | Extra CloudFront distributions to be associated with the S3 bucket policy | list(string) |
[] |
no |
| ipv6 | create also alias records for ipv6 | bool |
false |
no |
| ordered_cache_behavior | An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. | any |
[] |
no |
| s3_logging_hostname | Hostname of S3-bucket to be used for logging | string |
"" |
no |
| s3_origin_policy_restrict_access | Folder/files to add as an condition to the S3-bucket policy resource | string |
"/*" |
no |
| tags | Map of custom tags for the provisioned resources | map(string) |
{} |
no |
| validation_timeout | Define maximum timeout to wait for the validation to complete | string |
null |
no |
| Name | Description |
|---|---|
| certificate_arn | ARN of ACM SSL certificate created for CloudFront |
| cloudfront_alias | Alias hostname of CloudFront distribution |
| cloudfront_alias_additional_zones | Alias hostname of CloudFront distribution for additional zones |
| cloudfront_arn | ARN of CloudFront distribution creates |
| cloudfront_hosted_zone_id | Hosted Zone ID CloudFront distribution uses |
| cloudfront_id | ID CloudFront distribution ID |
| s3_origin | S3 origin bucket output |