From 804913f00fdba6a1d3b6cadd69dce518676ea4c4 Mon Sep 17 00:00:00 2001
From: larriquin <33453129+larriquin@users.noreply.github.com>
Date: Sat, 25 Nov 2023 18:04:13 +1100
Subject: [PATCH 1/3] Add cloudfront.tf
---
.../terraform/compute/cloudfront.tf | 103 ++++++++++++++++--
1 file changed, 93 insertions(+), 10 deletions(-)
diff --git a/infrastructure/terraform/compute/cloudfront.tf b/infrastructure/terraform/compute/cloudfront.tf
index 6a71963..cac56e7 100644
--- a/infrastructure/terraform/compute/cloudfront.tf
+++ b/infrastructure/terraform/compute/cloudfront.tf
@@ -1,10 +1,93 @@
-# resource "aws_cloudfront_distribution" "my_distribution" {
-# origin {
-# domain_name = "your-s3-bucket.s3.amazonaws.com"
-# origin_id = "S3BucketOrigin"
-# }
-
-# enabled = true
-# is_ipv6_enabled = true
-# default_root_object = "index.html"
-# }
+resource "aws_cloudfront_distribution" "my_cloudfront_distribution" {
+ enabled = true
+
+ origin {
+ domain_name = var.s3_static_website_domain_name
+ origin_id = "myS3Origin"
+
+ s3_origin_config {
+ origin_access_identity = aws_cloudfront_origin_access_identity.my_origin_access_identity.cloudfront_access_identity_path
+ }
+ }
+
+ origin {
+ domain_name = aws_api_gateway_domain_name.dynamodb_api_domain_name
+ origin_id = "DynamoDBAPIOrigin"
+
+ custom_origin_config {
+ http_port = 80
+ https_port = 443
+ origin_protocol_policy = "https-only"
+ origin_ssl_protocols = ""
+ }
+ }
+
+ default_cache_behavior {
+ target_origin_id = "myS3Origin"
+ viewer_protocol_policy = "redirect-to-https"
+ allowed_methods = ""
+ cached_methods = ""
+
+ forwarded_values {
+ query_string = false
+
+ cookies {
+ forward = "none"
+ }
+ }
+ }
+
+ restrictions {
+ geo_restriction {
+ restriction_type = "whitelist"
+ locations = ["US", "CA", "GB", "DE"]
+ }
+ }
+
+ viewer_certificate {
+
+ }
+
+ default_root_object = "index.html"
+}
+
+
+resource "aws_cloudfront_origin_access_identity" "my_origin_access_identity" {
+ comment = "OAI for ${aws_s3_bucket.website_bucket.bucket}"
+}
+
+
+# CloudFront setup
+# CloudFrontDistribution:
+# Type: AWS::CloudFront::Distribution
+# Properties:
+# DistributionConfig:
+
+# Origins:
+# - Id: myS3Origin
+# DomainName: !GetAtt [WebsiteBucket, DomainName]
+
+# S3OriginConfig:
+# OriginAccessIdentity: !Sub origin-access-identity/cloudfront/${OriginAccessIdentity}
+# - Id: DynamoDBAPIOrigin
+# DomainName: !Sub '${DynamoDBAPI}.execute-api.${AWS::Region}.amazonaws.com'
+
+# CustomOriginConfig:
+# HTTPPort: 80
+# HTTPSPort: 443
+# OriginProtocolPolicy: https-only
+# Enabled: true
+#
DefaultCacheBehavior:
+# TargetOriginId: myS3Origin
+# ViewerProtocolPolicy: redirect-to-https
+# ForwardedValues:
+# QueryString: false
+# Cookies:
+# Forward: none
+# DefaultRootObject: index.html
+
+# OriginAccessIdentity:
+# Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
+# Properties:
+# CloudFrontOriginAccessIdentityConfig:
+# Comment: !Sub "OAI for ${WebsiteBucket}"
\ No newline at end of file
From 9513fac4963c2bc28a16c10ff6d31a34acef0551 Mon Sep 17 00:00:00 2001
From: larriquin <33453129+larriquin@users.noreply.github.com>
Date: Sat, 25 Nov 2023 18:04:38 +1100
Subject: [PATCH 2/3] Add compute_vars.tf
---
.../terraform/compute/compute_vars.tf | 22 +++++++++++++++++++
1 file changed, 22 insertions(+)
create mode 100644 infrastructure/terraform/compute/compute_vars.tf
diff --git a/infrastructure/terraform/compute/compute_vars.tf b/infrastructure/terraform/compute/compute_vars.tf
new file mode 100644
index 0000000..2e6e40c
--- /dev/null
+++ b/infrastructure/terraform/compute/compute_vars.tf
@@ -0,0 +1,22 @@
+# This file contains all the variables that are used in the terraform code
+# Path: infrastructure/terraform/variables.tfvars
+
+# Twilio variables
+variable "twilio_account_sid" {
+ description = "The Twilio account SID"
+ type = string
+ default = ""
+
+}
+variable "twilio_auth_token" {
+ description = "The Twilio auth token"
+ type = string
+ default = ""
+}
+
+variable "s3_static_website_domain_name" {
+ description = "S3 static website bucket name"
+ type = string
+ default = "myS3Origin"
+}
+
From cdc2321562a13533125fb9b517c43c97bb0d6157 Mon Sep 17 00:00:00 2001
From: larriquin <33453129+larriquin@users.noreply.github.com>
Date: Sat, 25 Nov 2023 18:06:12 +1100
Subject: [PATCH 3/3] Add comments
---
infrastructure/terraform/compute/cloudfront.tf | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/infrastructure/terraform/compute/cloudfront.tf b/infrastructure/terraform/compute/cloudfront.tf
index cac56e7..7e05e16 100644
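Review bot: The TLS and method settings in the new `aws_cloudfront_distribution` are left as placeholders (`origin_ssl_protocols = ""`, `allowed_methods = ""`, `cached_methods = ""` and an empty `viewer_certificate {}`), so the configuration will not validate and nothing pins a protocol floor on either the viewer or the origin side. These arguments take lists, and `viewer_certificate` needs a certificate source; setting `minimum_protocol_version` explicitly avoids inheriting an older default. The first origin also pairs `s3_origin_config`/OAI with a variable named `s3_static_website_domain_name`; if that is the S3 website endpoint, OAI cannot be used with it and the bucket would have to stay publicly readable, so the bucket's REST (regional) domain name looks like what is wanted — confirm. The certificate variable in the sketch below is a placeholder, not something this patch defines.

```hcl
  # … unchanged: S3 origin, API origin header, ports and origin_protocol_policy …
      origin_ssl_protocols = ["TLSv1.2"]
  # … unchanged: default_cache_behavior header, target origin, viewer policy …
    allowed_methods = ["GET", "HEAD"]
    cached_methods  = ["GET", "HEAD"]
  # … unchanged: forwarded_values, restrictions …
  viewer_certificate {
    acm_certificate_arn      = var.acm_certificate_arn # placeholder: variable not declared in this patch
    ssl_support_method       = "sni-only"
    minimum_protocol_version = "TLSv1.2_2021"
  }
```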
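Review bot: `twilio_auth_token` in compute_vars.tf is declared as an ordinary string with `default = ""`, so Terraform will show its value in plan/apply output and will silently accept an empty credential. Add `sensitive = true` to that variable and drop the empty default so a missing token fails at plan time instead of deploying with a blank secret. The value is still written to state in clear text, so the state backend needs encryption and restricted access. The default `"myS3Origin"` for `s3_static_website_domain_name` is the origin id used in cloudfront.tf rather than a domain name, which looks like a leftover placeholder — confirm.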
--- a/infrastructure/terraform/compute/cloudfront.tf +++ b/infrastructure/terraform/compute/cloudfront.tf @@ -2,7 +2,7 @@ resource "aws_cloudfront_distribution" "my_cloudfront_distribution" { enabled = true origin { - domain_name = var.s3_static_website_domain_name + domain_name = var.s3_static_website_domain_name # TO CHANGE origin_id = "myS3Origin" s3_origin_config { @@ -40,12 +40,12 @@ resource "aws_cloudfront_distribution" "my_cloudfront_distribution" { restrictions { geo_restriction { restriction_type = "whitelist" - locations = ["US", "CA", "GB", "DE"] + locations = ["US", "CA", "GB", "DE"] # TO CHANGE } } viewer_certificate { - + # TO CHANGE } default_root_object = "index.html"