fix IAM association at cloudfront

Author: devksingh4

terraform/modules/frontend/main.tf

@@ -101,6 +101,16 @@ resource "aws_cloudfront_distribution" "app_cloudfront_distribution" {
       origin_ssl_protocols   = ["TLSv1", "TLSv1.1", "TLSv1.2"]
     }
   }
+  origin {
+    origin_id   = "IAMLambdaFunction"
+    domain_name = var.IAMLambdaHost
+    custom_origin_config {
+      http_port              = 80
+      https_port             = 443
+      origin_protocol_policy = "https-only"
+      origin_ssl_protocols   = ["TLSv1", "TLSv1.1", "TLSv1.2"]
+    }
+  }
   default_root_object = "index.html"
   aliases             = [var.CorePublicDomain]
   enabled             = true
@@ -127,6 +137,20 @@ resource "aws_cloudfront_distribution" "app_cloudfront_distribution" {
       restriction_type = "none"
     }
   }
+  ordered_cache_behavior {
+    path_pattern             = "/api/v1/iam*"
+    target_origin_id         = "IAMLambdaFunction"
+    viewer_protocol_policy   = "redirect-to-https"
+    allowed_methods          = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
+    cached_methods           = ["GET", "HEAD"]
+    cache_policy_id          = aws_cloudfront_cache_policy.headers_no_cookies.id
+    origin_request_policy_id = "b689b0a8-53d0-40ab-baf2-68738e2966ac"
+    compress                 = true
+    function_association {
+      event_type   = "viewer-request"
+      function_arn = aws_cloudfront_function.origin_key_injection.arn
+    }
+  }
   ordered_cache_behavior {
     path_pattern             = "/api/v1/events*"
     target_origin_id         = "LambdaFunction"

terraform/modules/lambdas/main.tf

@@ -12,7 +12,7 @@ data "archive_file" "sqs_lambda_code" {
 
 locals {
   core_api_lambda_name          = "${var.ProjectId}-main-server"
-  core_api_iam_lambda_name      = "${var.ProjectId}-iam-server"
+  core_api_iam_lambda_name      = "${var.ProjectId}-iam-write"
   core_sqs_consumer_lambda_name = "${var.ProjectId}-sqs-consumer"
   iam_policies = {
     shared = aws_iam_policy.shared_iam_policy.arn