alsonkemp/gist:00a2e55281da3ac03f4e

## gistfile1.txt
resource "aws_cloudformation_stack" "app_cloudfront" {
  name = "app_cloudfront"
  # This is rendered to the template_body with the quotes removed:
  # ${template_file.web_app_cloudfront.rendered}
  template_body = "${template_file.web_app_cloudfront.rendered}"
}

resource "template_file" "web_app_cloudfront" {
    template = "${file("./templates/web_apps_cloudfront.template")}"

    vars {
        domain = "${var.web_app_domain_name_APP}"
        default_bucket = "${var.static_assets_bucket_name_APP}"


The template file contents are basically:
{
  "Resources" : {
    "app-cloudfront" : {
      "Type": "AWS::CloudFront::Distribution",
      "Properties": {
        "DistributionConfig": {
          "Aliases": [ "${domain}" ],
          "Comment": "Web : ${domain}",
          "Enabled": true,
          "PriceClass": "PriceClass_All",
          "CustomErrorResponses": [
            {
              "ErrorCachingMinTTL": 300,
              "ErrorCode": 403,
              "ResponseCode": "200",
              "ResponsePagePath": null
            }
          ],
          "DefaultCacheBehavior": {
            "TargetOriginId": "S3-${default_bucket}",
            "ViewerProtocolPolicy": "redirect-to-https",
            "MinTTL": 0,
            "AllowedMethods": [ "HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH" ],
            "CachedMethods": [ "HEAD", "GET" ],
            "ForwardedValues": {
              "QueryString": true,
              "Cookies": {
                "Forward": "none"
              }
            }
          },
          "Origins": [
            {
              "DomainName": "${default_bucket}.s3.amazonaws.com",
              "Id": "S3-${default_bucket}",
              "S3OriginConfig": {
                "OriginAccessIdentity": "origin-access-identity/cloudfront/E2J0..."
              }
            }
          ],
          "Restrictions": {
            "GeoRestriction": {
              "RestrictionType": "none",
              "Locations": [ ]
            }
          },
          "ViewerCertificate": {
            "IamCertificateId": "ASCA...",
            "SslSupportMethod": "sni-only",
            "MinimumProtocolVersion": "TLSv1"
          }
        }
      }
    }
  }
}

    }
}
	resource "aws_cloudformation_stack" "app_cloudfront" {
	name = "app_cloudfront"
	# This is rendered to the template_body with the quotes removed:
	# ${template_file.web_app_cloudfront.rendered}
	template_body = "${template_file.web_app_cloudfront.rendered}"
	}

	resource "template_file" "web_app_cloudfront" {
	template = "${file("./templates/web_apps_cloudfront.template")}"

	vars {
	domain = "${var.web_app_domain_name_APP}"
	default_bucket = "${var.static_assets_bucket_name_APP}"


	The template file contents are basically:
	{
	"Resources" : {
	"app-cloudfront" : {
	"Type": "AWS::CloudFront::Distribution",
	"Properties": {
	"DistributionConfig": {
	"Aliases": [ "${domain}" ],
	"Comment": "Web : ${domain}",
	"Enabled": true,
	"PriceClass": "PriceClass_All",
	"CustomErrorResponses": [
	{
	"ErrorCachingMinTTL": 300,
	"ErrorCode": 403,
	"ResponseCode": "200",
	"ResponsePagePath": null
	}
	],
	"DefaultCacheBehavior": {
	"TargetOriginId": "S3-${default_bucket}",
	"ViewerProtocolPolicy": "redirect-to-https",
	"MinTTL": 0,
	"AllowedMethods": [ "HEAD", "DELETE", "POST", "GET", "OPTIONS", "PUT", "PATCH" ],
	"CachedMethods": [ "HEAD", "GET" ],
	"ForwardedValues": {
	"QueryString": true,
	"Cookies": {
	"Forward": "none"
	}
	}
	},
	"Origins": [
	{
	"DomainName": "${default_bucket}.s3.amazonaws.com",
	"Id": "S3-${default_bucket}",
	"S3OriginConfig": {
	"OriginAccessIdentity": "origin-access-identity/cloudfront/E2J0..."
	}
	}
	],
	"Restrictions": {
	"GeoRestriction": {
	"RestrictionType": "none",
	"Locations": [ ]
	}
	},
	"ViewerCertificate": {
	"IamCertificateId": "ASCA...",
	"SslSupportMethod": "sni-only",
	"MinimumProtocolVersion": "TLSv1"
	}
	}
	}
	}
	}
	}

	}
	}