From 28030858ec8455ffd725069c762a025989a3d1ff Mon Sep 17 00:00:00 2001 From: Ethan Weisberg Date: Sun, 18 Aug 2024 12:29:32 -0700 Subject: [PATCH] client terraform finished --- infrastructure/client/main.tf | 63 +++++++++++++++++++++++++++++++++-- 1 file changed, 60 insertions(+), 3 deletions(-) diff --git a/infrastructure/client/main.tf b/infrastructure/client/main.tf index afd0b4fd..7eb475cf 100644 --- a/infrastructure/client/main.tf +++ b/infrastructure/client/main.tf @@ -106,10 +106,67 @@ resource "aws_s3_object" "website_files" { ] } +# CloudFront Distribution +resource "aws_cloudfront_distribution" "cdn" { + origin { + domain_name = aws_s3_bucket.static_website.bucket_regional_domain_name + origin_id = aws_s3_bucket.static_website.bucket + + custom_origin_config { + http_port = 80 + https_port = 443 + origin_protocol_policy = "http-only" + origin_ssl_protocols = ["TLSv1.2"] + } + } + + default_cache_behavior { + allowed_methods = ["GET", "HEAD"] + cached_methods = ["GET", "HEAD"] + target_origin_id = aws_s3_bucket.static_website.bucket + viewer_protocol_policy = "redirect-to-https" + + forwarded_values { + query_string = false + cookies { + forward = "none" + } + } + } + + # Handle 403 errors by serving index.html with a 200 status code + custom_error_response { + error_code = 403 + response_code = 200 + response_page_path = "/index.html" + } + + # Default root object + default_root_object = "index.html" + + enabled = true + is_ipv6_enabled = true + price_class = "PriceClass_100" + + restrictions { + geo_restriction { + restriction_type = "none" + } + } + + viewer_certificate { + cloudfront_default_certificate = true + } + + depends_on = [ + aws_s3_object.website_files, + ] +} + output "s3_bucket_name" { value = aws_s3_bucket.static_website.bucket } -# output "cloudfront_domain_name" { -# value = aws_cloudfront_distribution.cdn.domain_name -# } +output "cloudfront_domain_name" { + value = aws_cloudfront_distribution.cdn.domain_name +}