Skip to content

Provision a static website hosted through S3 + CloudFront + Route53 in AWS

License

Notifications You must be signed in to change notification settings

realglobe-Inc/terraform-aws-static-website

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

47 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

GitHub

terraform-aws-static-website

Provision a static website hosted through S3 + CloudFront in AWS.

Terraform Registry at https://registry.terraform.io/modules/realglobe-Inc/static-website/aws/.

Usage

module "website" {
  source = "realglobe-Inc/static-website/aws"
  version = "2.3.2"

  providers = {
    aws.cloudfront = aws.<us-east-1 region alias>
  }

  service_name = "your-service-name"
  aws_profile = "aws-profile-name"
  domain_names = tolist(["foo.example.com", "bar.example.com"])
  route53_zone_id = "ZXXXXXXXXXXXXX"
  s3_bucket_name = "your-s3-web-bucket"
  cors_allowed_origins = tolist(["https://foo.example.com", "*.example.com"])  # optional
  cloudfront_origin_path = "/dev" # optional
  save_access_log = true  # optional
  lambda_function_associations = { "viewer-request": "arn:..." }  # optional
}

Output CloudFront cache invalidation command.

output "cache_invalidation_command" {
  value = module.website.cache_invalidation_command
}

Create or switch workspace and apply.

$ terraform init
$ terraform workspace new development
$ terraform apply

Upload assets to S3.

$ aws s3 sync path/to/website/assets s3://your-s3-web-bucket/development/ --profile aws-profile-name

Then, access to your web site https://foo.example.com.

If responce is cached, invalidate CloudFront edge caches.

$ terraform output cache_invalidation_command
# Copy and paste printed command, overwrite paths and run.

Development

To publish new version in Terraform Registry, just create new release in releases.

Requirements

Name Version
terraform >= 1
aws >= 4

Providers

Name Version
aws >= 4
aws.cloudfront >= 4

Modules

No modules.

Resources

Name Type
aws_acm_certificate.cert resource
aws_acm_certificate_validation.cert resource
aws_cloudfront_distribution.web_dist resource
aws_cloudfront_origin_access_identity.origin_access_identity resource
aws_route53_record.cert_validation resource
aws_route53_record.www resource
aws_s3_bucket.hosting resource
aws_s3_bucket_cors_configuration.hosting resource
aws_s3_bucket_policy.hosting resource
aws_s3_bucket_versioning.hosting resource
aws_iam_policy_document.bucket_policy data source

Inputs

Name Description Type Default Required
aws_profile aws profile name any n/a yes
cloudfront_origin_path Origin path of CloudFront string "" no
cors_allowed_origins CORS allowed origins list(string) [] no
domain_names domain names list(string) n/a yes
lambda_function_associations CloudFront Lambda function associations. key is CloudFront event type and value is lambda function ARN with version map(string) {} no
route53_zone_id Route53 Zone ID any n/a yes
s3_bucket_name S3 bucket name any n/a yes
save_access_log whether save cloudfront access log to S3 bool false no
service_name tagged with service name any n/a yes

Outputs

Name Description
cache_invalidation_command CloudFront edge cache invalidation command. /path/to/invalidation/resource is like /index.html /error.html