This module creates an S3 bucket to store the site and connects it to CloudFront to expose it to the public. It also creates the TLS certificates for the site.
# Additional AWS provider fixed to us-east-1; the module block receives it as
# aws.us_east_1. CloudFront only accepts ACM certificates issued in us-east-1,
# which is presumably why the module requires this alias (confirm in the module source).
provider "aws" {
  region = "us-east-1"
  alias  = "us_east_1"
}
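# Static site: an S3 bucket for the content, a CloudFront distribution in front
# of it, and TLS certificates for the listed domains.
#
# Review notes:
# - The resources table lists aws_iam_user.deploy and aws_iam_access_key.deploy,
#   and the outputs include aws_secret_access_key. The secret of an
#   aws_iam_access_key is stored in Terraform state, so keep the state backend
#   encrypted and access-restricted, and rotate the key. Releases whose inputs
#   table lists enable_deploy_user let you skip creating the user when it is
#   not needed.
# - "~> 2.1" accepts any later 2.x release. Pin an exact version if module
#   upgrades must be reviewed before they are applied.
module "static-site" {
  source  = "cookielab/static-site/aws"
  version = "~> 2.1"

  providers = {
    aws.us_east_1 = aws.us_east_1
  }

  domains        = ["www.example.com"]
  domain_zone_id = aws_route53_zone.example_com.zone_id

  # S3 bucket names may contain only lowercase letters, digits, hyphens and
  # dots; a name with underscores is rejected when the bucket is created.
  s3_bucket_name = "example-com-web"
}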
Name | Version |
---|---|
terraform | >= 1.1, < 2.0 |
aws | ~> 4.32 |
Name | Version |
---|---|
aws | ~> 4.32 |
Name | Source | Version |
---|---|---|
certificate | terraform-aws-modules/acm/aws | 4.3.1 |
gitlab | ./modules/gitlab | n/a |
s3_bucket | terraform-aws-modules/s3-bucket/aws | 3.6.0 |
Name | Type |
---|---|
aws_cloudfront_distribution.this | resource |
aws_cloudfront_origin_access_identity.this | resource |
aws_iam_access_key.deploy | resource |
aws_iam_user.deploy | resource |
aws_iam_user_policy.deploy | resource |
aws_route53_record.this | resource |
aws_iam_policy_document.bucket_policy | data source |
aws_iam_policy_document.deploy | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
cloudfront_price_class | n/a | string |
"PriceClass_100" |
no |
domain_zone_id | The ID of the hosted zone for domain | string |
n/a | yes |
domains | List of domain aliases. You can also specify a wildcard, e.g. *.example.com |
list(string) |
n/a | yes |
gitlab_environment | n/a | string |
"*" |
no |
gitlab_project_id | n/a | string |
null |
no |
logs_bucket | n/a | string |
null |
no |
s3_bucket_name | n/a | string |
n/a | yes |
tags | n/a | map(string) |
{} |
no |
Name | Description |
---|---|
aws_access_key_id | n/a |
aws_cloudfront_distribution_id | n/a |
aws_s3_bucket_name | n/a |
aws_secret_access_key | n/a |
Name | Version |
---|---|
terraform | >= 1.5, < 2.0 |
aws | ~> 5.27 |
Name | Version |
---|---|
aws | ~> 5.27 |
Name | Source | Version |
---|---|---|
certificate | terraform-aws-modules/acm/aws | 5.0.0 |
gitlab | ./modules/gitlab | n/a |
s3_bucket | terraform-aws-modules/s3-bucket/aws | 4.1.2 |
Name | Type |
---|---|
aws_cloudfront_distribution.this | resource |
aws_cloudfront_origin_access_control.this | resource |
aws_cloudfront_origin_access_identity.this | resource |
aws_iam_access_key.deploy | resource |
aws_iam_user.deploy | resource |
aws_iam_user_policy.deploy | resource |
aws_kms_alias.this | resource |
aws_kms_key.this | resource |
aws_kms_key_policy.this | resource |
aws_route53_record.this | resource |
aws_caller_identity.current | data source |
aws_cloudfront_cache_policy.managed_caching_disabled | data source |
aws_cloudfront_origin_request_policy.managed_all_viewer_and_cloudfront_headers | data source |
aws_iam_policy_document.deploy | data source |
aws_iam_policy_document.kms_key_policy | data source |
aws_iam_policy_document.s3_bucket_policy | data source |
aws_region.current | data source |
Name | Description | Type | Default | Required |
---|---|---|---|---|
cloudfront_price_class | n/a | string |
"PriceClass_100" |
no |
domain_zone_id | The ID of the hosted zone for domain | string |
n/a | yes |
domains | List of domain aliases. You can also specify a wildcard, e.g. *.example.com |
list(string) |
n/a | yes |
enable_deploy_user | Toggle s3 deploy user creation | bool |
true |
no |
encrypt_with_kms | Enable server side s3 bucket encryption with KMS key | bool |
false |
no |
functions | n/a | object({ |
{} |
no |
gitlab_environment | n/a | string |
"*" |
no |
gitlab_project_id | n/a | string |
null |
no |
kms_deletion_window_in_days | The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key | number |
30 |
no |
kms_key_policy | Additional KMS key policy | string |
"{}" |
no |
logs_bucket | n/a | string |
null |
no |
logs_bucket_domain_name | n/a | string |
null |
no |
override_status_code_403 | n/a | number |
403 |
no |
override_status_code_404 | n/a | number |
200 |
no |
proxy_paths | n/a | list(object({ |
[] |
no |
s3_bucket_name | n/a | string |
n/a | yes |
s3_bucket_policy | Additional S3 bucket policy | string |
"{}" |
no |
tags | n/a | map(string) |
{} |
no |
Name | Description |
---|---|
aws_access_key_id | n/a |
aws_cloudfront_distribution_id | n/a |
aws_s3_bucket_arn | n/a |
aws_s3_bucket_name | n/a |
aws_s3_bucket_regional_domain_name | n/a |
aws_secret_access_key | n/a |
s3_kms_key_arn | n/a |