@nagelflorian
Last active February 12, 2024 07:44
Terraform config for static website hosting on AWS
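# S3 bucket that holds the static site and serves it through the S3 website
# endpoint (index.html as the index document, error.html as the error page).
#
# Anonymous read access comes from the bucket policy below, which allows
# s3:GetObject on every key for any principal. The canned ACL is therefore
# "private": "public-read" would additionally grant anonymous READ on the
# bucket itself, letting anyone list and enumerate its keys, which website
# hosting does not need.
#
# Every object placed in this bucket is world-readable. Keep backups, source
# maps with secrets, .env files and similar artefacts out of the deploy step.
resource "aws_s3_bucket" "website" {
  bucket = "${var.website_bucket_name}"
  acl    = "private"

  tags {
    Name        = "Website"
    Environment = "production"
  }

  # NOTE(review): CORS only tells browsers which cross-origin requests they may
  # send; it grants no S3 permission. The policy below allows s3:GetObject only,
  # so anonymous PUT/POST is still denied. If the site never uploads from the
  # browser, narrow allowed_methods / allowed_origins / allowed_headers to what
  # the pages actually use.
  cors_rule {
    allowed_headers = ["*"]
    allowed_methods = ["PUT","POST"]
    allowed_origins = ["*"]
    expose_headers  = ["ETag"]
    max_age_seconds = 3000
  }

  # Public read of objects only: no list, write or delete action is granted.
  # The heredoc terminator must stay at column 0.
  policy = <<EOF
{
  "Version": "2008-10-17",
  "Statement": [
    {
      "Sid": "PublicReadForGetBucketObjects",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": "s3:GetObject",
      "Resource": "arn:aws:s3:::${var.website_bucket_name}/*"
    }
  ]
}
EOF

  website {
    index_document = "index.html"
    error_document = "error.html"
  }
}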
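# Companion bucket named "www.<bucket>" whose website configuration redirects
# every request to the main bucket name.
#
# The bucket stores no objects and the redirect is answered by the website
# endpoint itself, so no public grant is needed. The ACL is "private" rather
# than "public-read" so that anything written here by mistake is neither
# listable nor readable anonymously.
#
# NOTE(review): redirect_all_requests_to is used as the target host name, so
# this presumably relies on website_bucket_name being the site's domain name.
# Confirm against the values supplied for the variables.
resource "aws_s3_bucket" "website_redirect" {
  bucket = "www.${var.website_bucket_name}"
  acl    = "private"

  website {
    redirect_all_requests_to = "${var.website_bucket_name}"
  }
}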
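# CloudFront distribution in front of the website bucket, used as a cache.
#
# The origin is the bucket's REST endpoint (<bucket>.s3.amazonaws.com) with no
# origin access identity, so CloudFront reads objects anonymously and depends
# on the bucket policy that allows public s3:GetObject.
resource "aws_cloudfront_distribution" "s3_distribution" {
  origin {
    domain_name = "${aws_s3_bucket.website.bucket}.s3.amazonaws.com"
    origin_id   = "website"
  }

  enabled             = true
  is_ipv6_enabled     = true
  comment             = "Managed by Terraform"
  default_root_object = "index.html"
  aliases             = ["${var.domain_name}"]

  default_cache_behavior {
    # A static site is read-only. Forwarding DELETE, PATCH, POST and PUT to the
    # origin only widens what an anonymous client can send to S3, so the
    # behaviour accepts the read methods plus OPTIONS for CORS preflight.
    allowed_methods  = ["GET", "HEAD", "OPTIONS"]
    cached_methods   = ["GET", "HEAD"]
    target_origin_id = "website"

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }

    # NOTE(review): "allow-all" serves the site over plain HTTP as well as
    # HTTPS. Switching to "redirect-to-https" only makes sense once the
    # viewer_certificate block below carries a certificate that covers the
    # alias (acm_certificate_arn with ssl_support_method); with the default
    # certificate, a redirect would send visitors of the custom domain to a
    # certificate mismatch.
    viewer_protocol_policy = "allow-all"
    min_ttl                = 0
    default_ttl            = 3600
    max_ttl                = 86400
  }

  price_class = "PriceClass_100"

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  tags {
    Environment = "production"
  }

  # The default certificate is issued for the cloudfront.net name only, not for
  # the alias configured above.
  # NOTE(review): CloudFront may reject an alias that has no matching
  # certificate attached. Confirm that this still applies cleanly.
  viewer_certificate {
    cloudfront_default_certificate = true
  }
}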
# Public hosted zone for the site's domain. The records further down attach to
# it through aws_route53_zone.main.zone_id.
resource "aws_route53_zone" "main" {
  name    = "${var.domain_name}"
  comment = "Managed by Terraform"

  tags {
    Environment = "production"
  }
}
# Apex A record, implemented as a Route 53 alias.
#
# NOTE(review): the alias targets the S3 website endpoint of the main bucket,
# so requests for the domain go straight to S3 and do not pass through the
# CloudFront distribution that lists the same name in its aliases. S3 website
# endpoints answer over HTTP only, so visitors get no TLS on this path. Confirm
# whether the record was meant to alias the distribution instead.
resource "aws_route53_record" "main-a-record" {
  zone_id = "${aws_route53_zone.main.zone_id}"
  type    = "A"
  name    = "${var.domain_name}"

  alias {
    zone_id                = "${aws_s3_bucket.website.hosted_zone_id}"
    name                   = "${aws_s3_bucket.website.website_domain}"
    evaluate_target_health = false
  }
}
# "www" CNAME in the same zone, pointing at the apex name with a 300 second TTL.
# NOTE(review): presumably this pairs with the "www." redirect bucket, which
# would then answer requests for the www host. Verify once the DNS is live.
resource "aws_route53_record" "main-c-name" {
  zone_id = "${aws_route53_zone.main.zone_id}"
  type    = "CNAME"
  name    = "www"
  ttl     = "300"
  records = ["${var.domain_name}"]
}
# AWS provider configured from three input variables.
#
# The access key pair is a long-lived secret. Whatever supplies these variables
# (a tfvars file, CI settings, shell history) becomes a place where it can leak.
# Keep that source out of version control and scope the key to the S3,
# CloudFront and Route 53 actions this configuration needs.
# NOTE(review): the provider can also pick up credentials from the environment
# or a shared credentials file when these two arguments are omitted. Prefer
# that, or a short-lived role, where the workflow allows it.
provider "aws" {
  region     = "${var.aws_region}"
  access_key = "${var.aws_access_key}"
  secret_key = "${var.aws_secret_key}"
}
# Input variables. None has a default, so each must be supplied at plan/apply.

# Provider credentials and region. The two key values are secrets.
variable "aws_access_key" {
}

variable "aws_secret_key" {
}

variable "aws_region" {
}

# Domain served by the site: used for the hosted zone, the apex record, the
# www CNAME target and the CloudFront alias.
variable "domain_name" {
}

# Name of the main bucket. The redirect bucket is this name prefixed with "www.".
variable "website_bucket_name" {
}

# Declared but not referenced by any resource in this configuration.
variable "website_zone_id" {
}
@ivan-navi-studios

Very Cool! Thanks for this!

@jottasystem

Nice man! You saved me! Thanks for this!
