{"id":15871295,"url":"https://github.com/unfunco/terraform-aws-static-website","last_synced_at":"2026-02-15T10:37:32.781Z","repository":{"id":186354159,"uuid":"611392344","full_name":"unfunco/terraform-aws-static-website","owner":"unfunco","description":"Terraform module to create static websites in S3 with CloudFront.","archived":false,"fork":false,"pushed_at":"2023-03-18T10:18:44.000Z","size":17,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-02-07T14:45:13.795Z","etag":null,"topics":["acm","aws","cloudfront","cloudfront-distribution","s3","s3-website","static-site","static-website","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/unfunco.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2023-03-08T18:25:13.000Z","updated_at":"2023-03-18T10:19:42.000Z","dependencies_parsed_at":null,"dependency_job_id":"edc0343c-ccea-48f3-8513-375c7299ea7c","html_url":"https://github.com/unfunco/terraform-aws-static-website","commit_stats":null,"previous_names":["unfunco/terraform-aws-static-website"],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unfunco%2Fterraform-aws-static-website","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unfunco%2Fterraform-aws-static-website/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unfunco%2Fterraform-aws-static-website/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/unfunco%2Fterraform-aws-static-website/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/unfunco","download_url":"https://codeload.github.com/unfunco/terraform-aws-static-website/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246719983,"owners_count":20822831,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["acm","aws","cloudfront","cloudfront-distribution","s3","s3-website","static-site","static-website","terraform"],"created_at":"2024-10-06T00:42:40.818Z","updated_at":"2026-02-15T10:37:32.776Z","avatar_url":"https://github.com/unfunco.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# terraform-aws-static-website\n\n[![CI](https://github.com/unfunco/terraform-aws-static-website/actions/workflows/ci.yaml/badge.svg)](https://github.com/unfunco/terraform-aws-static-website/actions/workflows/ci.yaml)\n[![Terraform Registry](https://img.shields.io/badge/Terraform%20Registry-unfunco%2Fstatic--website-blue?logo=terraform)](https://registry.terraform.io/modules/unfunco/static-website/aws)\n[![License](https://img.shields.io/github/license/unfunco/terraform-aws-static-website)](LICENSE.md)\n\nTerraform module for [AWS] static website hosting with [S3], [CloudFront] CDN,\nautomatic SSL/TLS certificates, HTTP/3, IPv6, and secure defaults using\n[Origin Access Control] (OAC).\n\n## Getting started\n\n### Requirements\n\n- [Terraform] 1.14+ and the [AWS provider] 6.0+\n\n### Installation and usage\n\n\u003c!-- x-release-please-start-version --\u003e\n\n```terraform\nmodule \"website\" {\n  source  = \"unfunco/static-website/aws\"\n  version = \"0.5.0\"\n\n  domain_name = \"unfun.co\"\n}\n```\n\n#### IAM\n\nUse the bundled `modules/ci-iam-policy` module to generate an inline IAM policy\ndocument for your CI role. The module has two boolean inputs to control which\npermissions are included, `attach_content_permissions` is enough for deploy jobs\nthat sync website content and invalidate CloudFront, while\n`attach_infrastructure_permissions` is for Terraform jobs that create or update\nAWS resources.\n\n```terraform\nmodule \"ci_iam_policy_deploy\" {\n  source  = \"unfunco/static-website/aws//modules/ci-iam-policy\"\n  version = \"0.5.0\"\n\n  attach_content_permissions        = true\n  attach_infrastructure_permissions = false\n  bucket_name                       = module.website.bucket_name\n  cloudfront_distribution_arn       = module.website.cloudfront_distribution_arn\n}\n```\n\n\u003c!-- x-release-please-end --\u003e\n\n```terraform\nmodule \"oidc_github\" {\n  source  = \"unfunco/oidc-github/aws\"\n  version = \"2.0.2\"\n\n  github_repositories = [\"unfunco/unfun.co\"]\n\n  iam_role_inline_policies = {\n    deploy = module.ci_iam_policy_deploy.policy_document\n  }\n}\n```\n\n\u003c!-- BEGIN_TF_DOCS --\u003e\n\n### Resources\n\n| Name                                                                                                                                                            | Type        |\n| --------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------- |\n| [aws_acm_certificate.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/acm_certificate)                                         | resource    |\n| [aws_cloudfront_distribution.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution)                         | resource    |\n| [aws_cloudfront_origin_access_control.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_control)       | resource    |\n| [aws_s3_bucket.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket)                                                     | resource    |\n| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket)                                                     | resource    |\n| [aws_s3_bucket_lifecycle_configuration.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_lifecycle_configuration)     | resource    |\n| [aws_s3_bucket_logging.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_logging)                                     | resource    |\n| [aws_s3_bucket_object_lock_configuration.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_object_lock_configuration) | resource    |\n| [aws_s3_bucket_ownership_controls.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls)               | resource    |\n| [aws_s3_bucket_ownership_controls.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls)               | resource    |\n| [aws_s3_bucket_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy)                                       | resource    |\n| [aws_s3_bucket_public_access_block.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block)             | resource    |\n| [aws_s3_bucket_public_access_block.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block)             | resource    |\n| [aws_s3_bucket_versioning.logs](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning)                               | resource    |\n| [aws_s3_bucket_versioning.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_versioning)                               | resource    |\n| [aws_s3_object.error_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object)                                           | resource    |\n| [aws_s3_object.index_document](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object)                                           | resource    |\n| [aws_iam_policy_document.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document)                              | data source |\n| [aws_partition.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/partition)                                                  | data source |\n\n### Inputs\n\n| Name                                  | Description                                                                                                               | Type                                                                                                                                                                                                                                                                                                                                                                                                                                                       | Default             | Required |\n| ------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------- | :------: |\n| acm_certificate_arn                   | The ARN of an existing ACM certificate to use for the CloudFront distribution. Required when create_certificate is false. | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"\"`                |    no    |\n| bucket_name                           | The name of the S3 bucket for storing website content.                                                                    | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"\"`                |    no    |\n| cloudfront_additional_origins         | Additional origins to add to the CloudFront distribution, keyed by origin ID.                                             | `map(object({ connection_attempts = optional(number, 3) connection_timeout = optional(number, 10) custom_headers = optional(map(string), {}) domain_name = string origin_access_control_id = optional(string) origin_path = optional(string) use_default_origin_access_control = optional(bool, false) }))`                                                                                                                                                | `{}`                |    no    |\n| cloudfront_allowed_methods            | The HTTP methods allowed by the CloudFront distribution.                                                                  | `list(string)`                                                                                                                                                                                                                                                                                                                                                                                                                                             | `[ \"GET\", \"HEAD\" ]` |    no    |\n| cloudfront_distribution_arn           | The ARN of an existing CloudFront distribution to use for the S3 bucket policy.                                           | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"\"`                |    no    |\n| cloudfront_distribution_price_class   | The price class for the CloudFront distribution.                                                                          | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"PriceClass_All\"`  |    no    |\n| cloudfront_ordered_cache_behaviors    | Additional ordered cache behaviors for path-based routing.                                                                | `list(object({ allowed_methods = optional(list(string), [\"GET\", \"HEAD\"]) cache_policy_id = optional(string, \"658327ea-f89d-4fab-a63d-7e88639e58f6\") cached_methods = optional(list(string), [\"GET\", \"HEAD\"]) compress = optional(bool, true) origin_request_policy_id = optional(string) path_pattern = string response_headers_policy_id = optional(string) target_origin_id = string viewer_protocol_policy = optional(string, \"redirect-to-https\") }))` | `[]`                |    no    |\n| cloudfront_response_headers_policy_id | The ID of a response headers policy to attach to the CloudFront distribution.                                             | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `null`              |    no    |\n| cloudfront_retain_on_delete           | Whether to retain the CloudFront distribution when deleting the resource.                                                 | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `false`             |    no    |\n| cloudfront_web_acl_id                 | The ID of a WAF web ACL to associate with the CloudFront distribution.                                                    | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `null`              |    no    |\n| create                                | Whether to create resources.                                                                                              | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| create_certificate                    | Whether to create an ACM certificate.                                                                                     | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| create_cloudfront_distribution        | Whether to create a CloudFront distribution.                                                                              | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| create_default_documents              | Whether to create default index and error documents.                                                                      | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| create_log_bucket                     | Whether to create a dedicated logging bucket.                                                                             | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| domain_name                           | The domain name for the website.                                                                                          | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | n/a                 |   yes    |\n| enable_logging                        | Whether to enable access logging for S3 and CloudFront.                                                                   | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| enable_versioning                     | Whether to enable versioning on the S3 bucket.                                                                            | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| error_document                        | The path to the error document returned for 4xx errors.                                                                   | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"error.html\"`      |    no    |\n| force_destroy                         | Whether to allow bucket deletion even when not empty.                                                                     | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `false`             |    no    |\n| index_document                        | The path to the index document returned for directory requests.                                                           | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"index.html\"`      |    no    |\n| log_bucket_name                       | The name of the S3 bucket for storing access logs.                                                                        | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"\"`                |    no    |\n| log_bucket_object_lock_days           | Default retention period, in days, for object lock on the logging bucket.                                                 | `number`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `365`               |    no    |\n| log_bucket_object_lock_enabled        | Whether to enable S3 Object Lock on the logging bucket. This only applies at bucket creation time.                        | `bool`                                                                                                                                                                                                                                                                                                                                                                                                                                                     | `true`              |    no    |\n| log_bucket_object_lock_mode           | Default object lock retention mode for the logging bucket. Valid values are GOVERNANCE or COMPLIANCE.                     | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"GOVERNANCE\"`      |    no    |\n| log_bucket_target_prefix              | The prefix for log objects in the logging bucket.                                                                         | `string`                                                                                                                                                                                                                                                                                                                                                                                                                                                   | `\"\"`                |    no    |\n| tags                                  | The tags to apply to all taggable resources.                                                                              | `map(string)`                                                                                                                                                                                                                                                                                                                                                                                                                                              | `{}`                |    no    |\n\n### Outputs\n\n| Name                                  | Description                                           |\n| ------------------------------------- | ----------------------------------------------------- |\n| bucket_arn                            | The ARN of the S3 bucket.                             |\n| bucket_id                             | The ID of the S3 bucket.                              |\n| bucket_name                           | The name of the S3 bucket.                            |\n| certificate_arn                       | The ARN of the ACM certificate.                       |\n| certificate_domain_validation_options | The domain validation options of the ACM certificate. |\n| cloudfront_distribution_arn           | The ARN of the CloudFront distribution.               |\n| cloudfront_distribution_id            | The CloudFront distribution ID.                       |\n| cloudfront_domain_name                | The CloudFront domain name.                           |\n| cloudfront_hosted_zone_id             | The hosted zone ID of the CloudFront distribution.    |\n\n\u003c!-- END_TF_DOCS --\u003e\n\n## License\n\n© 2023 [Daniel Morris]\\\nMade available under the terms of the [MIT License].\n\n[aws]: https://aws.amazon.com\n[aws provider]: https://registry.terraform.io/providers/hashicorp/aws\n[cloudfront]: https://aws.amazon.com/cloudfront\n[daniel morris]: https://unfun.co\n[mit license]: LICENSE.md\n[origin access control]: https://aws.amazon.com/blogs/networking-and-content-delivery/amazon-cloudfront-introduces-origin-access-control-oac/\n[s3]: https://aws.amazon.com/s3\n[terraform]: https://terraform.io\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funfunco%2Fterraform-aws-static-website","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funfunco%2Fterraform-aws-static-website","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funfunco%2Fterraform-aws-static-website/lists"}