May 20, 2024 · May 20, 2024 · May 20, 2024 · May 20, 2024 · May 20, 2024
diff --git a/.gitignore b/.gitignore
 ### Terraform ###
 # Local .terraform directories
 **/.terraform/*

 # .tfstate files
 *.tfstate
 *.tfstate.*

 # Crash log files
 crash.log
 crash.*.log

 # Ignore override files as they are usually used to override resources locally and so
 # are not checked in
 override.tf
 override.tf.json
 *_override.tf
 *_override.tf.json

 # Ignore CLI configuration files
 .terraformrc
 terraform.rc
diff --git a/.tflint.hcl b/.tflint.hcl
 config {
  format = "compact"
  module = true
 }

 plugin "aws" {
    enabled = true
    version = "0.30.0"
    source  = "github.com/terraform-linters/tflint-ruleset-aws"
 }

 rule "terraform_comment_syntax" {
    enabled = true
 }

 rule "terraform_naming_convention" {
  enabled = true
 }

 rule "terraform_documented_variables" {
  enabled = true
 }
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
 # Contributing to Forest Terraform

 We'd love for you to contribute to our source code and to make the Forest even better than it is today! Here are the guidelines we'd like you to follow:

 * [Issues and Bugs](#issue)
 * [Feature Requests](#feature)
 * [Submission Guidelines](#submit)
 * [Further Info](#info)


 ## <a name="issue"></a> Found an Issue?

 If you find a bug in the source code or a mistake in the documentation, you can help us by submitting an issue to our [Github Repository][github]. Even better you can submit a Pull Request with a fix.

 **Please see the [Submission Guidelines](#submit) below.**

 ## <a name="feature"></a> Want a Feature?

 You can request a new feature by submitting an issue to our [Github Repository][github]. If you would like to implement a new feature then consider what kind of change it is:

 * **Major Changes**
 * **Small Changes** can be crafted and submitted to the [Github Repository][github] as a Pull Request.

 ## <a name="docs"></a> Want a Doc Fix?

 If you want to help improve the docs, it's a good idea to let others know what you're working on to minimize duplication of effort. Create a new issue (or comment on a related existing one) to let others know what you're working on.

 For large fixes, please build and test the documentation before submitting the MR to be sure you haven't accidentally introduced any layout or formatting issues. You should also make sure that your commit message starts with "docs" and follows the **[Commit Message Guidelines](#commit)** outlined below.

 ## <a name="submit"></a> Submission Guidelines

 ### Submitting an Issue

 Before you submit your issue search the archive, maybe your question was already answered.

 If your issue appears to be a bug, and hasn't been reported, open a new issue. Help us to maximize the effort we can spend fixing issues and adding new features, by not reporting duplicate issues. Providing the following information will increase the chances of your issue being dealt with quickly:

 * **Overview of the Issue** - if an error is being thrown a non-minified stack trace helps
 * **Motivation for or Use Case** - explain why this is a bug for you
 * **Forest Version(s)** - is it a regression?
 * **Reproduce the Error** - try to describe how to reproduce the error
 * **Related Issues** - has a similar issue been reported before?
 * **Suggest a Fix** - if you can't fix the bug yourself, perhaps you can point to what might be
  causing the problem (line of code or commit)

 **If you get help, help others. Good karma rulez!**

 ### Submitting a Pull Request

 Before you submit your pull request consider the following guidelines:

 * Make your changes in a new git branch:

    ```shell
    git checkout -b my-fix-branch main
    ```

 * Create your patch, **including appropriate test cases**.
 * Install [Terraform](https://www.terraform.io/). check `required_version` in `versions.tf` for the current development version of the module.
 * Installs
    * Install [tflint](https://github.com/terraform-linters/tflint). We use tflint to lint the terraform code.
    * Initialize the terraform modules:

        ```shell
        terraform init
        ```

 * For updating docs, you have to enable GitHub actions on your forked repository. Simply go to the tab Actions and enable actions.
 * Commit your changes using a descriptive commit message:

    ```shell
    git commit -a
    ```

  Note: the optional commit `-a` command line option will automatically "add" and "rm" edited files.

 * Push your branch to Github:

    ```shell
    git push origin my-fix-branch
    ```

 In Github, send a pull request to original main branch: f.e. `terraform-aws-complete-static-site:main`.
 If we suggest changes, then:

 * Make the required updates.
 * Re-run the test suite to ensure tests are still passing.
 * Commit your changes to your branch (e.g. `my-fix-branch`).
 * Push the changes to your Github repository (this will update your Pull Request).

 If the PR gets too outdated we may ask you to rebase and force push to update the PR:

 ```shell
 git rebase main -i
 git push origin my-fix-branch -f
 ```

 _WARNING: Squashing or reverting commits and force-pushing thereafter may remove Github comments on code that were previously made by you or others in your commits. Avoid any form of rebasing unless necessary.

 That's it! Thank you for your contribution!

 #### After your merge request is merged

 After your pull request is merged, you can safely delete your branch and pull the changes
 from the main (upstream) repository:

 * Delete the remote branch on Github either through the Github web UI or your local shell as follows:

    ```shell
    git push origin --delete my-fix-branch
    ```

 * Check out the main branch:

    ```shell
    git checkout main -f
    ```

 * Delete the local branch:

    ```shell
    git branch -D my-fix-branch
    ```

 * Update your main with the latest upstream version:

    ```shell
    git pull --ff upstream main
    ```

 ## <a name="info"></a> Info

 [contribute]: CONTRIBUTING.md
 [github]: https://github.com/iKnowJavaScript/terraform-aws-complete-static-site/issues
diff --git a/LICENSE b/LICENSE
 MIT License

 Copyright (c) 2024 Victor Omolayo

 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
 in the Software without restriction, including without limitation the rights
 to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 copies of the Software, and to permit persons to whom the Software is
 furnished to do so, subject to the following conditions:

 The above copyright notice and this permission notice shall be included in all
 copies or substantial portions of the Software.

 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
 AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
 SOFTWARE.
diff --git a/README.md b/README.md
 # terraform-aws-complete-static-site
 # AWS Static Website Hosting Project

 This project provides a Terraform configuration for hosting a static website on AWS. It creates and configures the necessary AWS resources including S3, Route 53 (DNS), IAM, CloudFront, and WAF.

 ## Description

 This project sets up an S3 bucket for storing your static website content, a CloudFront distribution for content delivery, a WAF WebACL for protecting your site, and a Route 53 record for DNS. It also creates an IAM user for managing continuous deployment to the s3 bucket.

 ## How to Use

 1. **Clone the Repository**: Clone this repository to your local machine.

 2. **Install Terraform**: If you haven't already, [install Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli).

 3. **Configure AWS Credentials**: Ensure your AWS credentials are correctly configured. You can set them in your environment variables or in your AWS credentials file.

 4. **Update Credential**: Navigate to the project directory, update the `input.auto.tfvars` file to suite your project need and update `terraform.tf` backend object as deem fit or remove if you don't intent to save your states remotely.

 5. **Initialize Terraform**: Navigate to the project directory and run `terraform init` to initialize your Terraform workspace.

 6. **Apply the Configuration**: Run `terraform apply` to create the AWS resources. You'll be prompted to confirm that you want to create the resources.

 7. **Upload Your Website**: Once the resources are created, you can upload your static website content to the S3 bucket. The bucket name will be output by the `terraform apply` command.

 8. **Access Your Website**: After your content is uploaded, you can access your website via the CloudFront distribution URL, which will also be output by the `terraform apply` command.


 ## License

 This project is licensed under the MIT License. See the [LICENSE.md](LICENSE.md) file for details.
diff --git a/examples/with-custom-subdomain/main.tf b/examples/with-custom-subdomain/main.tf
 module "website" {
  source = "../../"

  name                 = "example-website"
  environment          = "prod"
  hosted_zone_domain   = "example.com"
  custom_domain_name   = "example-website.example.com"
  create_custom_domain = true
  aws_region           = "us-east-2"
 }
diff --git a/examples/with-custom-subdomain/output.tf b/examples/with-custom-subdomain/output.tf
 output "cloudflare_domain" {
  description = "Direct cloudflare domain"
  value       = module.website.cloudflare_domain
 }

 output "custom_domain" {
  description = "Custom domain name"
  value       = module.website.custom_domain
 }

 output "bucket_name" {
  description = "S3 bucket name"
  value       = module.website.bucket_name
 }

 output "access_key_id" {
  value       = module.website.access_key_id
  description = "The access key ID for the S3 user"
 }

 output "secret_access_key" {
  value       = module.website.secret_access_key
  description = "The secret access key for the S3 user"
  sensitive   = true
 }

 # to view sensitive secret, try
 # terraform output secret_access_key
diff --git a/examples/with-custom-subdomain/terraform.tf b/examples/with-custom-subdomain/terraform.tf
 terraform {
  required_version = ">= 1.3"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
 }

 provider "aws" {
  region = "us-east-2"
 }
diff --git a/examples/without-custom-domain/main.tf b/examples/without-custom-domain/main.tf
 module "website" {
  source = "../../"

  name                 = "example-website"
  environment          = "prod"
  create_custom_domain = false
  aws_region           = "us-east-2"
 }
diff --git a/examples/without-custom-domain/output.tf b/examples/without-custom-domain/output.tf
 output "cloudflare_domain" {
  description = "Direct cloudflare domain"
  value       = module.website.cloudflare_domain
 }

 output "custom_domain" {
  description = "Custom domain name"
  value       = module.website.custom_domain
 }

 output "bucket_name" {
  description = "S3 bucket name"
  value       = module.website.bucket_name
 }

 output "access_key_id" {
  value       = module.website.access_key_id
  description = "The access key ID for the S3 user"
 }

 output "secret_access_key" {
  value       = module.website.secret_access_key
  description = "The secret access key for the S3 user"
  sensitive   = true
 }

 # to view sensitive secret, try
 # terraform output secret_access_key
diff --git a/examples/without-custom-domain/terraform.tf b/examples/without-custom-domain/terraform.tf
 terraform {
  required_version = ">= 1.3"

  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 4.0"
    }
  }
 }

 provider "aws" {
  region = "us-east-2"
 }
diff --git a/iam-user.tf b/iam-user.tf
 resource "aws_iam_user" "s3_user" {
  name = "s3_full_access_user_for_${var.name}"
 }

 resource "aws_iam_access_key" "s3_user_key" {
  user = aws_iam_user.s3_user.name
 }

 resource "aws_iam_user_policy" "s3_full_access" {
  name = "s3_full_access"
  user = aws_iam_user.s3_user.name

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [
      {
        Action = "s3:*"
        Effect = "Allow"
        Resource = [
          aws_s3_bucket.static_bucket.arn,
          "${aws_s3_bucket.static_bucket.arn}/*"
        ]
      }
    ]
  })
 }

 resource "aws_s3_bucket_policy" "s3policyforOAI" {
  bucket = aws_s3_bucket.static_bucket.id

  policy = jsonencode({
    Version = "2012-10-17",
    Statement = [
      {
        Action   = ["s3:GetObject"],
        Effect   = "Allow",
        Resource = "${aws_s3_bucket.static_bucket.arn}/*",
        Principal = {
          AWS = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${module.cloudfront.oai_id}"
        }
      }
    ]
  })
 }
diff --git a/inputs.auto.tfvars b/inputs.auto.tfvars
 name               = "your-app-name"
 environment        = "prod"
 hosted_zone_domain = "hibgli.com"
 custom_domain_name   = "static.hibgli.com"
 create_custom_domain = true
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,22 @@
		### Terraform ###
		# Local .terraform directories
		*/.terraform/

		# .tfstate files
		*.tfstate
		.tfstate.

		# Crash log files
		crash.log
		crash.*.log

		# Ignore override files as they are usually used to override resources locally and so
		# are not checked in
		override.tf
		override.tf.json
		*_override.tf
		*_override.tf.json

		# Ignore CLI configuration files
		.terraformrc
		terraform.rc
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,22 @@
		config {
		format = "compact"
		module = true
		}

		plugin "aws" {
		enabled = true
		version = "0.30.0"
		source = "github.com/terraform-linters/tflint-ruleset-aws"
		}

		rule "terraform_comment_syntax" {
		enabled = true
		}

		rule "terraform_naming_convention" {
		enabled = true
		}

		rule "terraform_documented_variables" {
		enabled = true
		}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,134 @@
		# Contributing to Forest Terraform

		We'd love for you to contribute to our source code and to make the Forest even better than it is today! Here are the guidelines we'd like you to follow:

		* [Issues and Bugs](#issue)
		* [Feature Requests](#feature)
		* [Submission Guidelines](#submit)
		* [Further Info](#info)


		## <a name="issue"></a> Found an Issue?

		If you find a bug in the source code or a mistake in the documentation, you can help us by submitting an issue to our [Github Repository][github]. Even better you can submit a Pull Request with a fix.

		Please see the [Submission Guidelines](#submit) below.

		## <a name="feature"></a> Want a Feature?

		You can request a new feature by submitting an issue to our [Github Repository][github]. If you would like to implement a new feature then consider what kind of change it is:

		* Major Changes
		* Small Changes can be crafted and submitted to the [Github Repository][github] as a Pull Request.

		## <a name="docs"></a> Want a Doc Fix?

		If you want to help improve the docs, it's a good idea to let others know what you're working on to minimize duplication of effort. Create a new issue (or comment on a related existing one) to let others know what you're working on.

		For large fixes, please build and test the documentation before submitting the MR to be sure you haven't accidentally introduced any layout or formatting issues. You should also make sure that your commit message starts with "docs" and follows the [Commit Message Guidelines](#commit) outlined below.

		## <a name="submit"></a> Submission Guidelines

		### Submitting an Issue

		Before you submit your issue search the archive, maybe your question was already answered.

		If your issue appears to be a bug, and hasn't been reported, open a new issue. Help us to maximize the effort we can spend fixing issues and adding new features, by not reporting duplicate issues. Providing the following information will increase the chances of your issue being dealt with quickly:

		* Overview of the Issue - if an error is being thrown a non-minified stack trace helps
		* Motivation for or Use Case - explain why this is a bug for you
		* Forest Version(s) - is it a regression?
		* Reproduce the Error - try to describe how to reproduce the error
		* Related Issues - has a similar issue been reported before?
		* Suggest a Fix - if you can't fix the bug yourself, perhaps you can point to what might be
		causing the problem (line of code or commit)

		If you get help, help others. Good karma rulez!

		### Submitting a Pull Request

		Before you submit your pull request consider the following guidelines:

		* Make your changes in a new git branch:

		```shell
		git checkout -b my-fix-branch main
		```

		* Create your patch, including appropriate test cases.
		* Install [Terraform](https://www.terraform.io/). check `required_version` in `versions.tf` for the current development version of the module.
		* Installs
		* Install [tflint](https://github.com/terraform-linters/tflint). We use tflint to lint the terraform code.
		* Initialize the terraform modules:

		```shell
		terraform init
		```

		* For updating docs, you have to enable GitHub actions on your forked repository. Simply go to the tab Actions and enable actions.
		* Commit your changes using a descriptive commit message:

		```shell
		git commit -a
		```

		Note: the optional commit `-a` command line option will automatically "add" and "rm" edited files.

		* Push your branch to Github:

		```shell
		git push origin my-fix-branch
		```

		In Github, send a pull request to original main branch: f.e. `terraform-aws-complete-static-site:main`.
		If we suggest changes, then:

		* Make the required updates.
		* Re-run the test suite to ensure tests are still passing.
		* Commit your changes to your branch (e.g. `my-fix-branch`).
		* Push the changes to your Github repository (this will update your Pull Request).

		If the PR gets too outdated we may ask you to rebase and force push to update the PR:

		```shell
		git rebase main -i
		git push origin my-fix-branch -f
		```

		_WARNING: Squashing or reverting commits and force-pushing thereafter may remove Github comments on code that were previously made by you or others in your commits. Avoid any form of rebasing unless necessary.

		That's it! Thank you for your contribution!

		#### After your merge request is merged

		After your pull request is merged, you can safely delete your branch and pull the changes
		from the main (upstream) repository:

		* Delete the remote branch on Github either through the Github web UI or your local shell as follows:

		```shell
		git push origin --delete my-fix-branch
		```

		* Check out the main branch:

		```shell
		git checkout main -f
		```

		* Delete the local branch:

		```shell
		git branch -D my-fix-branch
		```

		* Update your main with the latest upstream version:

		```shell
		git pull --ff upstream main
		```

		## <a name="info"></a> Info

		[contribute]: CONTRIBUTING.md
		[github]: https://github.com/iKnowJavaScript/terraform-aws-complete-static-site/issues
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,21 @@
		MIT License

		Copyright (c) 2024 Victor Omolayo

		Permission is hereby granted, free of charge, to any person obtaining a copy
		of this software and associated documentation files (the "Software"), to deal
		in the Software without restriction, including without limitation the rights
		to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
		copies of the Software, and to permit persons to whom the Software is
		furnished to do so, subject to the following conditions:

		The above copyright notice and this permission notice shall be included in all
		copies or substantial portions of the Software.

		THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
		IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
		FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
		AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
		LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
		OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
		SOFTWARE.
Original file line number	Diff line number	Diff line change
		@@ -1 +1,30 @@
		# terraform-aws-complete-static-site
		# AWS Static Website Hosting Project

		This project provides a Terraform configuration for hosting a static website on AWS. It creates and configures the necessary AWS resources including S3, Route 53 (DNS), IAM, CloudFront, and WAF.

		## Description

		This project sets up an S3 bucket for storing your static website content, a CloudFront distribution for content delivery, a WAF WebACL for protecting your site, and a Route 53 record for DNS. It also creates an IAM user for managing continuous deployment to the s3 bucket.

		## How to Use

		1. Clone the Repository: Clone this repository to your local machine.

		2. Install Terraform: If you haven't already, [install Terraform](https://learn.hashicorp.com/tutorials/terraform/install-cli).

		3. Configure AWS Credentials: Ensure your AWS credentials are correctly configured. You can set them in your environment variables or in your AWS credentials file.

		4. Update Credential: Navigate to the project directory, update the `input.auto.tfvars` file to suite your project need and update `terraform.tf` backend object as deem fit or remove if you don't intent to save your states remotely.

		5. Initialize Terraform: Navigate to the project directory and run `terraform init` to initialize your Terraform workspace.

		6. Apply the Configuration: Run `terraform apply` to create the AWS resources. You'll be prompted to confirm that you want to create the resources.

		7. Upload Your Website: Once the resources are created, you can upload your static website content to the S3 bucket. The bucket name will be output by the `terraform apply` command.

		8. Access Your Website: After your content is uploaded, you can access your website via the CloudFront distribution URL, which will also be output by the `terraform apply` command.


		## License

		This project is licensed under the MIT License. See the [LICENSE.md](LICENSE.md) file for details.
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,10 @@
		module "website" {
		source = "../../"

		name = "example-website"
		environment = "prod"
		hosted_zone_domain = "example.com"
		custom_domain_name = "example-website.example.com"
		create_custom_domain = true
		aws_region = "us-east-2"
		}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,28 @@
		output "cloudflare_domain" {
		description = "Direct cloudflare domain"
		value = module.website.cloudflare_domain
		}

		output "custom_domain" {
		description = "Custom domain name"
		value = module.website.custom_domain
		}

		output "bucket_name" {
		description = "S3 bucket name"
		value = module.website.bucket_name
		}

		output "access_key_id" {
		value = module.website.access_key_id
		description = "The access key ID for the S3 user"
		}

		output "secret_access_key" {
		value = module.website.secret_access_key
		description = "The secret access key for the S3 user"
		sensitive = true
		}

		# to view sensitive secret, try
		# terraform output secret_access_key
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,14 @@
		terraform {
		required_version = ">= 1.3"

		required_providers {
		aws = {
		source = "hashicorp/aws"
		version = "~> 4.0"
		}
		}
		}

		provider "aws" {
		region = "us-east-2"
		}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,8 @@
		module "website" {
		source = "../../"

		name = "example-website"
		environment = "prod"
		create_custom_domain = false
		aws_region = "us-east-2"
		}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,44 @@
		resource "aws_iam_user" "s3_user" {
		name = "s3_full_access_user_for_${var.name}"
		}

		resource "aws_iam_access_key" "s3_user_key" {
		user = aws_iam_user.s3_user.name
		}

		resource "aws_iam_user_policy" "s3_full_access" {
		name = "s3_full_access"
		user = aws_iam_user.s3_user.name

		policy = jsonencode({
		Version = "2012-10-17"
		Statement = [
		{
		Action = "s3:*"
		Effect = "Allow"
		Resource = [
		aws_s3_bucket.static_bucket.arn,
		"${aws_s3_bucket.static_bucket.arn}/*"
		]
		}
		]
		})
		}

		resource "aws_s3_bucket_policy" "s3policyforOAI" {
		bucket = aws_s3_bucket.static_bucket.id

		policy = jsonencode({
		Version = "2012-10-17",
		Statement = [
		{
		Action = ["s3:GetObject"],
		Effect = "Allow",
		Resource = "${aws_s3_bucket.static_bucket.arn}/*",
		Principal = {
		AWS = "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity ${module.cloudfront.oai_id}"
		}
		}
		]
		})
		}