112 lines
2.5 KiB
HCL
112 lines
2.5 KiB
HCL
terraform {
|
|
required_providers {
|
|
aws = {
|
|
source = "hashicorp/aws"
|
|
version = "~> 4.0"
|
|
}
|
|
|
|
cloudflare = {
|
|
source = "cloudflare/cloudflare"
|
|
version = "~> 3.0"
|
|
}
|
|
}
|
|
}
|
|
|
|
provider "aws" {
|
|
region = "eu-west-2"
|
|
}
|
|
|
|
provider "aws" {
|
|
alias = "us-east-1"
|
|
region = "us-east-1"
|
|
}
|
|
|
|
resource "aws_s3_bucket" "rebuilding-acquia" {
|
|
bucket = "rebuilding-acquia"
|
|
}
|
|
|
|
resource "aws_s3_bucket_acl" "rebuilding-acquia" {
|
|
acl = "private"
|
|
bucket = aws_s3_bucket.rebuilding-acquia.id
|
|
}
|
|
|
|
locals {
|
|
s3_origin_id = "rebuilding-acquia"
|
|
zone_name = "oliverdavies.uk"
|
|
}
|
|
|
|
resource "aws_cloudfront_origin_access_control" "rebuilding-acquia" {
|
|
name = "rebuilding-acquia"
|
|
description = "rebuilding-acquia"
|
|
origin_access_control_origin_type = "s3"
|
|
signing_behavior = "always"
|
|
signing_protocol = "sigv4"
|
|
}
|
|
|
|
data "cloudflare_zone" "rebuilding-acquia" {
|
|
name = local.zone_name
|
|
}
|
|
|
|
data "aws_acm_certificate" "rebuilding-acquia" {
|
|
domain = local.zone_name
|
|
provider = aws.us-east-1
|
|
statuses = ["ISSUED"]
|
|
}
|
|
|
|
resource "aws_cloudfront_distribution" "s3_distribution" {
|
|
origin {
|
|
domain_name = aws_s3_bucket.rebuilding-acquia.bucket_regional_domain_name
|
|
origin_access_control_id = aws_cloudfront_origin_access_control.rebuilding-acquia.id
|
|
origin_id = local.s3_origin_id
|
|
}
|
|
|
|
comment = "Rebuilding Acquia - Tailwind CSS example"
|
|
default_root_object = "index.html"
|
|
enabled = true
|
|
is_ipv6_enabled = true
|
|
|
|
aliases = ["rebuilding-acquia.${local.zone_name}"]
|
|
|
|
default_cache_behavior {
|
|
allowed_methods = ["GET", "HEAD"]
|
|
cached_methods = ["GET", "HEAD"]
|
|
target_origin_id = local.s3_origin_id
|
|
|
|
forwarded_values {
|
|
query_string = false
|
|
|
|
cookies {
|
|
forward = "none"
|
|
}
|
|
}
|
|
|
|
default_ttl = 3600
|
|
max_ttl = 86400
|
|
min_ttl = 0
|
|
viewer_protocol_policy = "allow-all"
|
|
}
|
|
|
|
price_class = "PriceClass_100"
|
|
|
|
restrictions {
|
|
geo_restriction {
|
|
locations = []
|
|
restriction_type = "none"
|
|
}
|
|
}
|
|
|
|
viewer_certificate {
|
|
acm_certificate_arn = data.aws_acm_certificate.rebuilding-acquia.arn
|
|
ssl_support_method = "sni-only"
|
|
}
|
|
}
|
|
|
|
resource "cloudflare_record" "rebuilding-acquia" {
|
|
name = "rebuilding-acquia"
|
|
proxied = false
|
|
ttl = 0
|
|
type = "CNAME"
|
|
value = aws_cloudfront_distribution.s3_distribution.domain_name
|
|
zone_id = data.cloudflare_zone.rebuilding-acquia.id
|
|
}
|