Fully written and tested using OpenTofu
Simple AWS Cloudfront to serve static websites from S3.
This module provides lambda@edge function if you want to serve content in subfolders without needing to provide the index.html,
for example: https://foo.bar/somepage/
- Add tests
| Name | Version |
|---|---|
| terraform | >= 0.13.0 |
| aws | >= 5.0.0 |
| Name | Version |
|---|---|
| aws | >= 5.0.0 |
No modules.
| Name | Type |
|---|---|
| aws_cloudfront_distribution.this | resource |
| aws_cloudfront_function.this | resource |
| aws_cloudfront_origin_access_control.this | resource |
| aws_s3_bucket_policy.allow_cloudfront | resource |
| aws_iam_policy_document.allow_cloudfront | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| acm_certificate_arn | ACM Certificate ARN, must be us-east-1 | string |
n/a | yes |
| aliases | Alternate domain names | list(string) |
null |
no |
| cloudfront_origin_description | Description for the origin | string |
n/a | yes |
| cloudfront_origin_name | The name of the cloudfront origin | string |
n/a | yes |
| cookies_forward | cookies forwarding | string |
"none" |
no |
| default_root_object | The default website root object | string |
null |
no |
| default_ttl | Default cache ttl | number |
1800 |
no |
| enable_distribution | Enables the cf distributuion | bool |
true |
no |
| enable_ipv6 | Enables ipv6 for the cloudfront distributuion | bool |
true |
no |
| enable_noindex_function | Enables lambda@edge function to serve files inside subfolders | bool |
false |
no |
| forward_query_strings | Enables/disables query string forwarding | bool |
false |
no |
| geo_restriction_locations | locations to apply restrictions to | list(string) |
[] |
no |
| geo_restriction_type | whitelist/blacklist | string |
"none" |
no |
| max_ttl | Max cache ttl | number |
3600 |
no |
| min_ttl | Min cache ttl | number |
0 |
no |
| s3_bucket_id | Name of s3 bucket | string |
n/a | yes |
| s3_objects | The s3 onjects to allow access to ARN/objects | list(any) |
n/a | yes |
| s3_origin_id | unique origin id | string |
"s3Website" |
no |
| s3_origin_path | objects origin path if using subfolders | string |
null |
no |
| s3_regional_domain_name | The regional domain name of the bucket | string |
n/a | yes |
| ssl_support_method | SSL support method to be used | string |
"sni-only" |
no |
| tls_minimum_protocol_version | Minimum TLS version | string |
"TLSv1.2_2021" |
no |
| viewer_protocol_policy | specify the protocol that users can use to access the files in the origin | string |
"redirect-to-https" |
no |
No outputs.