davidvpe/cloudfront.tf

## cloudfront.tf

locals {
  s3_origin_id = "example.com_origin"
}

resource "aws_cloudfront_distribution" "s3_distribution" {
  origin {
    domain_name = aws_s3_bucket.website.bucket_regional_domain_name
    origin_id   = local.s3_origin_id

    s3_origin_config {
      origin_access_identity = aws_cloudfront_origin_access_identity.oai.cloudfront_access_identity_path
    }
  }

  enabled             = true
  is_ipv6_enabled     = true
  default_root_object = "index.html"

  aliases = [var.domain]

  default_cache_behavior {
    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = local.s3_origin_id

    forwarded_values {
      query_string = true

      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "allow-all"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  ordered_cache_behavior {
    path_pattern     = "*"
    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
    cached_methods   = ["GET", "HEAD", "OPTIONS"]
    target_origin_id = local.s3_origin_id

    forwarded_values {
      query_string = true
      headers      = ["Origin"]

      cookies {
        forward = "none"
      }
    }

    min_ttl                = 0
    default_ttl            = 86400
    max_ttl                = 31536000
    compress               = true
    viewer_protocol_policy = "redirect-to-https"
  }

  price_class = "PriceClass_100"

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }


  tags = {
    Environment = "production"
  }

  viewer_certificate {
    acm_certificate_arn = aws_acm_certificate.certificate.acm_certificate_arn
    ssl_support_method = "sni-only"
  }
}

	locals {
	s3_origin_id = "example.com_origin"
	}

	resource "aws_cloudfront_distribution" "s3_distribution" {
	origin {
	domain_name = aws_s3_bucket.website.bucket_regional_domain_name
	origin_id = local.s3_origin_id

	s3_origin_config {
	origin_access_identity = aws_cloudfront_origin_access_identity.oai.cloudfront_access_identity_path
	}
	}

	enabled = true
	is_ipv6_enabled = true
	default_root_object = "index.html"

	aliases = [var.domain]

	default_cache_behavior {
	allowed_methods = ["GET", "HEAD", "OPTIONS"]
	cached_methods = ["GET", "HEAD"]
	target_origin_id = local.s3_origin_id

	forwarded_values {
	query_string = true

	cookies {
	forward = "none"
	}
	}

	viewer_protocol_policy = "allow-all"
	min_ttl = 0
	default_ttl = 3600
	max_ttl = 86400
	}

	ordered_cache_behavior {
	path_pattern = "*"
	allowed_methods = ["GET", "HEAD", "OPTIONS"]
	cached_methods = ["GET", "HEAD", "OPTIONS"]
	target_origin_id = local.s3_origin_id

	forwarded_values {
	query_string = true
	headers = ["Origin"]

	cookies {
	forward = "none"
	}
	}

	min_ttl = 0
	default_ttl = 86400
	max_ttl = 31536000
	compress = true
	viewer_protocol_policy = "redirect-to-https"
	}

	price_class = "PriceClass_100"

	restrictions {
	geo_restriction {
	restriction_type = "none"
	}
	}


	tags = {
	Environment = "production"
	}

	viewer_certificate {
	acm_certificate_arn = aws_acm_certificate.certificate.acm_certificate_arn
	ssl_support_method = "sni-only"
	}
	}