Data

Tools

Indexes

Applications

Experiments

Awesome

An open API service indexing awesome lists of open source software.

https://github.com/dfds/aws-modules-cloudfront


https://github.com/dfds/aws-modules-cloudfront

Last synced: 5 months ago
JSON representation

Awesome Lists containing this project

README 

          
# aws-modules-cloudfront

Module for AWS Cloudfront distribution



# Documentation



## Requirements



| Name | Version |

|------|---------|

|  [terraform](#requirement\_terraform) | >= 1.0.0 |

|  [aws](#requirement\_aws) | >= 4.50.0 |



## Providers



| Name | Version |

|------|---------|

|  [aws](#provider\_aws) | >= 4.50.0 |



## Modules



No modules.



## Resources



| Name | Type |

|------|------|

| [aws_cloudfront_distribution.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |



## Inputs



| Name | Description | Type | Default | Required |

|------|-------------|------|---------|:--------:|

|  [aliases](#input\_aliases) | List of extra CNAMEs (alternate domain names), if any, for this distribution | `list(string)` | `[]` | no |

|  [allowed\_methods](#input\_allowed\_methods) | Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin | `list(string)` | n/a | yes |

|  [cache\_policy\_id](#input\_cache\_policy\_id) | The unique identifier of the cache policy that is attached to the cache behavior | `string` | `""` | no |

|  [cached\_methods](#input\_cached\_methods) | Controls whether CloudFront caches the response to requests using the specified HTTP methods | `list(string)` | n/a | yes |

|  [comment](#input\_comment) | Any comments you want to include about the distribution | `string` | `""` | no |

|  [compress](#input\_compress) | Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header | `bool` | `false` | no |

|  [custom\_error\_response](#input\_custom\_error\_response) | One or more custom error response elements (multiples allowed) | 
list(object({
    error_code            = string
    error_caching_min_ttl = number
    response_code         = string
    response_page_path    = string
  }))
 | `[]` | no |

|  [default\_root\_object](#input\_default\_root\_object) | The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL | `string` | `""` | no |

|  [default\_ttl](#input\_default\_ttl) | n/a | `number` | `3600` | no |

|  [enabled](#input\_enabled) | Whether the distribution is enabled to accept end user requests for content | `bool` | `true` | no |

|  [field\_level\_encryption\_id](#input\_field\_level\_encryption\_id) | Field level encryption configuration ID | `string` | `""` | no |

|  [forwarded\_values](#input\_forwarded\_values) | The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one) | 
object({
    query_string            = bool
    headers                 = optional(list(string))
    query_string_cache_keys = optional(list(string))
    cookies = object({
      forward           = string
      whitelisted_names = optional(list(string))
    })
  })
 | 
{
  "cookies": {
    "forward": "none"
  },
  "query_string": false
}
 | no |

|  [function\_association](#input\_function\_association) | A config block that triggers a cloudfront function with specific actions (maximum 2) | 
list(object({
    event_type = string
    lambda_arn = string
  }))
 | `[]` | no |

|  [http\_version](#input\_http\_version) | The maximum HTTP version to support on the distribution | `string` | `"http2"` | no |

|  [is\_ipv6\_enabled](#input\_is\_ipv6\_enabled) | Whether the IPv6 is enabled for the distribution | `bool` | `false` | no |

|  [lambda\_function\_association](#input\_lambda\_function\_association) | A config block that triggers a lambda function with specific actions (maximum 4) | 
list(object({
    event_type   = string
    lambda_arn   = string
    include_body = optional(bool)
  }))
 | `[]` | no |

|  [logging\_config](#input\_logging\_config) | The logging configuration that controls how logs are written to your distribution (maximum one) | 
object({
    bucket          = string
    include_cookies = optional(bool)
    prefix          = optional(string)
  })
 | 
{
  "bucket": null
}
 | no |

|  [max\_ttl](#input\_max\_ttl) | The maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires headers`. | `number` | `86400` | no |

|  [min\_ttl](#input\_min\_ttl) | The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated | `number` | `0` | no |

|  [ordered\_cache\_behavior](#input\_ordered\_cache\_behavior) | An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0 | `list(any)` | `[]` | no |

|  [origin](#input\_origin) | One or more origins for this distribution (multiples allowed) | 
list(object({
    domain_name         = string
    origin_id           = string
    connection_attempts = optional(number)
    connection_timeout  = optional(number)
    custom_header = optional(list(object({
      name  = optional(string)
      value = optional(string)
    })))
    custom_origin_config = optional(object({
      http_port                = optional(number)
      https_port               = optional(number)
      origin_protocol_policy   = optional(string)
      origin_ssl_protocols     = optional(string)
      origin_keepalive_timeout = optional(number)
      origin_read_timeout      = optional(number)
    }))
    origin_access_control_id = optional(string)
    origin_path              = optional(string)
    origin_shield = optional(object({
      enabled              = optional(bool)
      origin_shield_region = optional(string)
    }))
    s3_origin_config = optional(object({
      origin_access_identity = string
    }))
  }))
 | n/a | yes |

|  [origin\_group](#input\_origin\_group) | One or more origin\_group for this distribution (multiples allowed) | 
list(object({
    origin_id = string
    failover_criteria = object({
      status_codes = list(number)
    })
    member = list(object({
      origin_id = string
    }))
  }))
 | `[]` | no |

|  [price\_class](#input\_price\_class) | The price class for this distribution | `string` | `"PriceClass_100"` | no |

|  [realtime\_log\_config\_arn](#input\_realtime\_log\_config\_arn) | The ARN of the real-time log configuration that is attached to this cache behavior | `string` | `""` | no |

|  [response\_headers\_policy\_id](#input\_response\_headers\_policy\_id) | The identifier for a response headers policy | `string` | `""` | no |

|  [restrictions](#input\_restrictions) | The restriction configuration for this distribution (maximum one) | 
object({
    geo_restriction = object({
      locations        = list(string)
      restriction_type = string
    })
  })
 | n/a | yes |

|  [retain\_on\_delete](#input\_retain\_on\_delete) | Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards | `bool` | `false` | no |

|  [tags](#input\_tags) | Tags for the CloudFront distribution | `object({})` | `{}` | no |

|  [target\_origin\_id](#input\_target\_origin\_id) | The value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior | `string` | n/a | yes |

|  [trusted\_key\_groups](#input\_trusted\_key\_groups) | A list of key group IDs that CloudFront can use to validate signed URLs or signed cookies | `list(string)` | `[]` | no |

|  [trusted\_signers](#input\_trusted\_signers) | List of AWS account IDs (or `self`) that you want to allow to create signed URLs for private content | `list(string)` | `[]` | no |

|  [viewer\_certificate](#input\_viewer\_certificate) | The SSL configuration for this distribution (maximum one). | 
object({
    acm_certificate_arn            = optional(string)
    cloudfront_default_certificate = optional(bool)
    iam_certificate_id             = optional(string)
    minimum_protocol_version       = optional(string)
    ssl_support_method             = optional(string)
  })
 | `{}` | no |

|  [viewer\_protocol\_policy](#input\_viewer\_protocol\_policy) | Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern | `string` | n/a | yes |

|  [wait\_for\_deployment](#input\_wait\_for\_deployment) | If enabled, the resource will wait for the distribution status to change from `InProgress` to `Deployed`. Setting this to `false` will skip the process | `bool` | `true` | no |

|  [web\_acl\_id](#input\_web\_acl\_id) | A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution | `string` | `""` | no |



## Outputs



| Name | Description |

|------|-------------|

|  [cloudfront\_arn](#output\_cloudfront\_arn) | ARN of the cloudfront distribution |

|  [domain\_name](#output\_domain\_name) | Domain name |