Movatterモバイル変換

xoap-io/terraform-aws-web-cloudfrontPublic

generated fromxoap-io/terraform-module-template

NotificationsYou must be signed in to change notification settings
Fork0
Star7

Terraform Module to spin up a CloudFront distribution in AWS

License

MIT license

7 stars 0 forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 27 Commits
.github		.github
build		build
docs		docs
.gitattributes		.gitattributes
.gitignore		.gitignore
.pre-commit-config.yaml		.pre-commit-config.yaml
CHANGELOG.md		CHANGELOG.md
CODEOWNERS.md		CODEOWNERS.md
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
README.md		README.md
kics.config		kics.config
main.tf		main.tf
outputs.tf		outputs.tf
variables.tf		variables.tf
versions.tf		versions.tf

Repository files navigation

Introduction

This is a template for Terraform modules.

It is part of our XOAP Automation Forces Open Source community library to give you a quick start into Infrastructure as Code deployments with Terraform.

We have a lot of Terraform modules that are Open Source and maintained by the XOAP staff.

Please check the links for more info, including usage information and full documentation:

Guidelines

We are using the following guidelines to write code and make it easier for everyone to follow a destinctive guideline. Please check these links before starting to work on changes.

Git Naming Conventions are an important part of the development process. They descrtibe how Branched, Commit Messages, Pull Requests and Tags should look like to make the easily understandebla for everybody in the development chain.

Git Naming Conventions

he Conventional Commits specification is a lightweight convention on top of commit messages. It provides an easy set of rules for creating an explicit commit history; which makes it easier to write automated tools on top of.

Conventional Commits

The better a Pull Request description is, the better a review can understand and decide on how to review the changes. This improves implementation speed and reduces communication between the requester and the reviewer resulting in much less overhead.

Wiriting A Great Pull Request Description

Versioning is a crucial part for Terraform Stacks and Modules. Without version tags you cannot clearly create a stable environment and be sure that your latest changes won't crash your production environment (sure it still can happen, but we are trying our best to implement everything that we can to reduce the risk)

Semantic Versioning

Naming Conventions for Terraform resources must be used.

Terraform Naming Conventions

Usage

Installation

For the first ime using this template necessary tools need to be installed.A script for PowerShell Core is provided under ./build/init.ps1

This script will install following dependencies:

This script configures:

global git template under ~/.git-template
global pre-commit hooks for prepare-commit-msg and commit-msg under ~/.git-template/hooks
github actions:
- linting and checks for pull requests from dev to master/main
- automatic tagging and release creation on pushes to master/main
- dependabot updates

It currently supports the automated installation for macOS. Support for Windows and Linux will be available soon.

Synchronisation

We provided a script under ./build/sync_template.ps1 to fetch the latest changes from this template repository.Please be aware that this is mainly a copy operation which means all your current changes have to be committed first and after running the script you have to merge this changes into your codebase.

Configuration

Requirements

Name	Version
terraform	>=1.1.6
aws	>= 4.8.0

Providers

Name	Version
aws	>= 4.8.0

Modules

Name	Source	Version
bucket	git::github.com/xoap-io/terraform-aws-storage-s3.git	v0.1.3
this_label	git::github.com/xoap-io/terraform-aws-misc-label	v0.1.1

Resources

Name	Type
aws_cloudfront_cache_policy.this	resource
aws_cloudfront_distribution.this	resource
aws_cloudfront_origin_request_policy.this	resource
aws_cloudfront_response_headers_policy.this	resource

Inputs

Name	Description	Type	Default	Required
allowed_methods	Allowed methods for accessing the CloudFront Distribution	`list(string)`	[ "GET", "HEAD", "OPTIONS" ]	no
cached_methods	Cache methods for accessing the CloudFront Distribution	`list(string)`	[ "GET", "HEAD" ]	no
cf_default_ttl	CloudFront default TTL for cachine	`string`	`"86400"`	no
cf_max_ttl	CloudFront maximum TTL for caching	`string`	`"31536000"`	no
cf_min_ttl	CloudFront minimum TTL for caching	`string`	`"0"`	no
cf_price_class	CloudFront price class	`string`	`"PriceClass_All"`	no
cloudfront_aliases	List of hostnames to serve site on. E.g. with and without www	`list(string)`	n/a	yes
cloudfront_allowed_methods	Allowed methods for accessing the CloudFront Distribution	`list(string)`	[ "GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE" ]	no
cloudfront_cached_methods	Cache methods for accessing the CloudFront Distribution	`list(string)`	[ "GET", "HEAD" ]	no
cloudfront_certificate_arn	ARN of the ACM certificate to use for cloudfront. Must be issued in us-east-1	`string`	n/a	yes
cloudfront_default_ttl	CloudFront default TTL for cachine	`string`	`"1"`	no
cloudfront_max_ttl	CloudFront maximum TTL for caching	`string`	`"10"`	no
cloudfront_min_ttl	CloudFront minimum TTL for caching	`string`	`"0"`	no
cloudfront_minimum_tls_version	Minimum allowed TLS version	`string`	`"TLSv1.2_2021"`	no
cloudfront_origin_id	Origin ID used in CloudFront	`string`	`"alb"`	no
cloudfront_price_class	CloudFront price class	`string`	`"PriceClass_All"`	no
cloudfront_viewer_protocol_policy	One of allow-all, https-only, or redirect-to-https	`string`	`"redirect-to-https"`	no
context	Default environmental context	object({ organization = string environment = string account = string product = string tags = map(string) })	n/a	yes
cors_allowed_headers	List of headers allowed in CORS	`list(string)`	`[]`	no
cors_allowed_methods	List of methods allowed in CORS	`list(string)`	[ "GET" ]	no
cors_allowed_origins	List of origins allowed to make CORS requests	`list(string)`	[ "https://s3.amazonaws.com" ]	no
cors_expose_headers	List of headers to expose in CORS response	`list(string)`	`[]`	no
cors_max_age_seconds	Specifies time in seconds that browser can cache the response for a preflight request	`string`	`3000`	no
custom_error_response	Optionally a list of custom error response configurations for CloudFront distribution	set(object({ error_code = number response_code = number response_page_path = string }))	`null`	no
default_root_object	CloudFront distribution default_root_object	`string`	`"index.html"`	no
error_document	Error page document in S3 bucket	`string`	`"404.html"`	no
index_document	Index page document in S3 bucket	`string`	`"index.html"`	no
logging_bucket	Target Bucket name for logging	`string`	n/a	yes
minimum_tls_version	Minimum support TLS version	`string`	`"TLSv1.2_2021"`	no
origin_path	Path in S3 bucket for hosted files, with leading slash	`string`	`""`	no
routing_rules	A json array containing routing rules describing redirect behavior and when redirects are applied	`map(string)`	{ "/": "index.html" }	no
s3_origin_id	Origin ID used in CloudFront	`string`	`"s3-origin"`	no
site_name	Name of bucket to be created in S3. Must be globally unique.	`string`	n/a	yes
viewer_protocol_policy	One of allow-all, https-only, or redirect-to-https	`string`	`"redirect-to-https"`	no