Difference between revisions of "Terraform resource: aws cloudfront distribution"
Jump to navigation
Jump to search
↑ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution
Line 3: | Line 3: | ||
Required: | Required: | ||
* [[origin_id]] (Required) - Unique identifier for the origin | * [[origin_id]] (Required) - Unique identifier for the origin | ||
− | * [[origin argument in aws_cloudfront_distribution resource|origin]]: [[domain_name]], [[origin_id]] | + | * <code>[[origin argument in aws_cloudfront_distribution resource|origin]]: [[domain_name]], [[origin_id]]</code> |
* [[enabled]] | * [[enabled]] | ||
− | * [[default_cache_behavior]]: [[cache_policy_id]] | + | * <code>[[default_cache_behavior]]</code>: [[cache_policy_id]] |
* [[restrictions]] | * [[restrictions]] | ||
* [[viewer_certificate]] | * [[viewer_certificate]] |
Revision as of 10:00, 21 June 2023
aws_cloudfront_distribution
[1] terraform resource.
Required:
- origin_id (Required) - Unique identifier for the origin
origin: domain_name, origin_id
- enabled
default_cache_behavior
: cache_policy_id- restrictions
- viewer_certificate
Optional:
aliases
(optional) - Extra CNAMEs (alternate domain names), if any, for this distribution.- origin_access_control_id (Optional)
Official example
resource "aws_s3_bucket" "b" { bucket = "mybucket" tags = { Name = "My bucket" } } resource "aws_s3_bucket_acl" "b_acl" { bucket = aws_s3_bucket.b.id acl = "private" } locals { s3_origin_id = "myS3Origin" } resource "aws_cloudfront_distribution" "s3_distribution" { origin { domain_name = aws_s3_bucket.b.bucket_regional_domain_name origin_access_control_id = aws_cloudfront_origin_access_control.default.id origin_id = local.s3_origin_id } enabled = true is_ipv6_enabled = true comment = "Some comment" default_root_object = "index.html" logging_config { include_cookies = false bucket = "mylogs.s3.amazonaws.com" prefix = "myprefix" } aliases = ["mysite.example.com", "yoursite.example.com"] default_cache_behavior { allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"] cached_methods = ["GET", "HEAD"] target_origin_id = local.s3_origin_id forwarded_values { query_string = false cookies { forward = "none" } } viewer_protocol_policy = "allow-all" min_ttl = 0 default_ttl = 3600 max_ttl = 86400 } # Cache behavior with precedence 0 ordered_cache_behavior { path_pattern = "/content/immutable/*" allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = ["GET", "HEAD", "OPTIONS"] target_origin_id = local.s3_origin_id forwarded_values { query_string = false headers = ["Origin"] cookies { forward = "none" } } min_ttl = 0 default_ttl = 86400 max_ttl = 31536000 compress = true viewer_protocol_policy = "redirect-to-https" } # Cache behavior with precedence 1 ordered_cache_behavior { path_pattern = "/content/*" allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = ["GET", "HEAD"] target_origin_id = local.s3_origin_id forwarded_values { query_string = false cookies { forward = "none" } } min_ttl = 0 default_ttl = 3600 max_ttl = 86400 compress = true viewer_protocol_policy = "redirect-to-https" } price_class = "PriceClass_200" restrictions { geo_restriction { restriction_type = "whitelist" locations = ["US", "CA", "GB", "DE"] } } tags = { Environment = "production" } viewer_certificate { cloudfront_default_certificate = true } }
Import
terraform import aws_cloudfront_distribution.distribution E74FTE3EXAMPLE
Related terms
aws cloudfront get-distribution-config
aws cloudfront origin access identity
InvalidViewerCertificate
aws cloudfront create-distribution
- Terraform resource: aws cloudfront origin access control
Activities
See also
aws_cloudfront_distribution: domain_name, s3_origin_config, default_cache_behavior
, restrictions- Terraform AWS CloudFront: provider
aws_cloudfront_distribution, aws_cloudfront_origin_access_identity, aws_cloudfront_origin_access_control
, Terraform module: cloudfront
Advertising: