NeelamLakra/cloudfront_distribution

## cloudfront_distribution
data "aws_s3_bucket" "blog_repo" {
 bucket = "knoldus.blog.ai"
}

resource "aws_cloudfront_distribution" "s3_distribution" {
  origin {

    origin_id   = "default"
    domain_name = "${data.aws_s3_bucket.blog_repo.bucket_domain_name}"

    s3_origin_config {
    origin_access_identity = "${aws_cloudfront_origin_access_identity.origin_access_identity.cloudfront_access_identity_path}"
     }
}

  enabled             = true
  is_ipv6_enabled     = true
  comment             = "Added authentication to bucket"

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "default"

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "https-only"
    min_ttl                = 0
    default_ttl            = 0
    max_ttl                = 0
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  tags = {
    Environment = "development"
  }

  viewer_certificate {
    cloudfront_default_certificate = true
  }
}

resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
  comment = "Some comment"
}

data "aws_iam_policy_document" "s3_policy" {
  statement {
    actions   = ["s3:GetObject"]
    resources = ["${data.aws_s3_bucket.blog_repo.arn}/*"]

    principals {
      type        = "AWS"
      identifiers = ["${aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn}"]
    }
  }
}

resource "aws_s3_bucket_policy" "example" {
  bucket = "${data.aws_s3_bucket.blog_repo.id}"
  policy = "${data.aws_iam_policy_document.s3_policy.json}"
}
	data "aws_s3_bucket" "blog_repo" {
	bucket = "knoldus.blog.ai"
	}

	resource "aws_cloudfront_distribution" "s3_distribution" {
	origin {

	origin_id = "default"
	domain_name = "${data.aws_s3_bucket.blog_repo.bucket_domain_name}"

	s3_origin_config {
	origin_access_identity = "${aws_cloudfront_origin_access_identity.origin_access_identity.cloudfront_access_identity_path}"
	}
	}

	enabled = true
	is_ipv6_enabled = true
	comment = "Added authentication to bucket"

	default_cache_behavior {
	allowed_methods = ["GET", "HEAD"]
	cached_methods = ["GET", "HEAD"]
	target_origin_id = "default"

	forwarded_values {
	query_string = false

	cookies {
	forward = "none"
	}
	}

	viewer_protocol_policy = "https-only"
	min_ttl = 0
	default_ttl = 0
	max_ttl = 0
	}

	restrictions {
	geo_restriction {
	restriction_type = "none"
	}
	}

	tags = {
	Environment = "development"
	}

	viewer_certificate {
	cloudfront_default_certificate = true
	}
	}

	resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
	comment = "Some comment"
	}

	data "aws_iam_policy_document" "s3_policy" {
	statement {
	actions = ["s3:GetObject"]
	resources = ["${data.aws_s3_bucket.blog_repo.arn}/*"]

	principals {
	type = "AWS"
	identifiers = ["${aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn}"]
	}
	}
	}

	resource "aws_s3_bucket_policy" "example" {
	bucket = "${data.aws_s3_bucket.blog_repo.id}"
	policy = "${data.aws_iam_policy_document.s3_policy.json}"
	}