alistaircol/create-site.tf

## create-site.tf
terraform {
  required_providers {
    aws = {
      source  = "hashicorp/aws"
      version = "~> 2.70"
    }
    cloudflare = {
      source  = "cloudflare/cloudflare"
      version = "~> 2.0"
    }
  }
}

# https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication
provider "aws" {
  profile = "default"
  region  = "eu-west-2"
}

# https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs
provider "cloudflare" {
  email = "redacted@gmail.com"
  api_token = "redacted"
}

# https://www.terraform.io/docs/configuration/locals.html
locals {
  bucket = "terraform-example.ac93.uk"
}

# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket
resource "aws_s3_bucket" "terraform_bucket" {
  bucket = local.bucket
  acl    = "public-read"
  tags = {
    site = local.bucket
    environment = "production"
  }

  versioning {
    enabled = true
  }

  website {
    index_document = "index.html"
    error_document = "200.html"
  }
}

# htps://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy
resource "aws_s3_bucket_policy" "terraform_bucket_policy" {
  bucket = aws_s3_bucket.terraform_bucket.id

  policy = <<POLICY
{
  "Version":"2012-10-17",
  "Statement":[
    {
      "Sid":"PublicRead",
      "Effect":"Allow",
      "Principal": "*",
      "Action": [
        "s3:GetObject",
        "s3:GetObjectVersion"
      ],
      "Resource": [
        "${aws_s3_bucket.terraform_bucket.arn}/*"
      ]
    }
  ]
}
POLICY
}

# https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/data-sources/zones
data "cloudflare_zones" "ac93_uk" {
  filter {
    name = "ac93.uk"
  }
}

# https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record
resource "cloudflare_record" "terraform_bucket_cname" {
  zone_id = lookup(data.cloudflare_zones.ac93_uk.zones[0], "id")
  type = "CNAME"
  name = "terraform-example"
  value = aws_s3_bucket.terraform_bucket.website_endpoint
  proxied = true
}
	terraform {
	required_providers {
	aws = {
	source = "hashicorp/aws"
	version = "~> 2.70"
	}
	cloudflare = {
	source = "cloudflare/cloudflare"
	version = "~> 2.0"
	}
	}
	}

	# https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication
	provider "aws" {
	profile = "default"
	region = "eu-west-2"
	}

	# https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs
	provider "cloudflare" {
	email = "redacted@gmail.com"
	api_token = "redacted"
	}

	# https://www.terraform.io/docs/configuration/locals.html
	locals {
	bucket = "terraform-example.ac93.uk"
	}

	# https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket
	resource "aws_s3_bucket" "terraform_bucket" {
	bucket = local.bucket
	acl = "public-read"
	tags = {
	site = local.bucket
	environment = "production"
	}

	versioning {
	enabled = true
	}

	website {
	index_document = "index.html"
	error_document = "200.html"
	}
	}

	# htps://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy
	resource "aws_s3_bucket_policy" "terraform_bucket_policy" {
	bucket = aws_s3_bucket.terraform_bucket.id

	policy = <<POLICY
	{
	"Version":"2012-10-17",
	"Statement":[
	{
	"Sid":"PublicRead",
	"Effect":"Allow",
	"Principal": "*",
	"Action": [
	"s3:GetObject",
	"s3:GetObjectVersion"
	],
	"Resource": [
	"${aws_s3_bucket.terraform_bucket.arn}/*"
	]
	}
	]
	}
	POLICY
	}

	# https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/data-sources/zones
	data "cloudflare_zones" "ac93_uk" {
	filter {
	name = "ac93.uk"
	}
	}

	# https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record
	resource "cloudflare_record" "terraform_bucket_cname" {
	zone_id = lookup(data.cloudflare_zones.ac93_uk.zones[0], "id")
	type = "CNAME"
	name = "terraform-example"
	value = aws_s3_bucket.terraform_bucket.website_endpoint
	proxied = true
	}