Difference between revisions of "Terraform resource: aws cloudfront distribution"
Jump to navigation
Jump to search
↑ https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution
(→Import) |
|||
Line 12: | Line 12: | ||
* <code>[[aliases]]</code> (optional) - Extra [[CNAMEs]] (alternate domain names), if any, for this distribution. | * <code>[[aliases]]</code> (optional) - Extra [[CNAMEs]] (alternate domain names), if any, for this distribution. | ||
* [[origin_access_control_id]] (Optional) | * [[origin_access_control_id]] (Optional) | ||
+ | * <code>[[headers]]</code> | ||
== Official example == | == Official example == |
Revision as of 08:56, 20 August 2024
aws_cloudfront_distribution
[1] terraform resource.
Required:
origin_id
(Required) - Unique identifier for the originorigin: domain_name, origin_id
enabled
default_cache_behavior
: cache_policy_idrestrictions
viewer_certificate
Optional:
aliases
(optional) - Extra CNAMEs (alternate domain names), if any, for this distribution.- origin_access_control_id (Optional)
headers
Official example
resource "aws_s3_bucket" "b" { bucket = "mybucket" tags = { Name = "My bucket" } } resource "aws_s3_bucket_acl" "b_acl" { bucket = aws_s3_bucket.b.id acl = "private" } locals { s3_origin_id = "myS3Origin" } resource "aws_cloudfront_distribution" "s3_distribution" { origin { domain_name = aws_s3_bucket.b.bucket_regional_domain_name origin_access_control_id = aws_cloudfront_origin_access_control.default.id origin_id = local.s3_origin_id } enabled = true is_ipv6_enabled = true comment = "Some comment" default_root_object = "index.html" logging_config { include_cookies = false bucket = "mylogs.s3.amazonaws.com" prefix = "myprefix" } aliases = ["mysite.example.com", "yoursite.example.com"] default_cache_behavior { allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"] cached_methods = ["GET", "HEAD"] target_origin_id = local.s3_origin_id forwarded_values { query_string = false cookies { forward = "none" } } viewer_protocol_policy = "allow-all" min_ttl = 0 default_ttl = 3600 max_ttl = 86400 } # Cache behavior with precedence 0 ordered_cache_behavior { path_pattern = "/content/immutable/*" allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = ["GET", "HEAD", "OPTIONS"] target_origin_id = local.s3_origin_id forwarded_values { query_string = false headers = ["Origin"] cookies { forward = "none" } } min_ttl = 0 default_ttl = 86400 max_ttl = 31536000 compress = true viewer_protocol_policy = "redirect-to-https" } # Cache behavior with precedence 1 ordered_cache_behavior { path_pattern = "/content/*" allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = ["GET", "HEAD"] target_origin_id = local.s3_origin_id forwarded_values { query_string = false cookies { forward = "none" } } min_ttl = 0 default_ttl = 3600 max_ttl = 86400 compress = true viewer_protocol_policy = "redirect-to-https" } price_class = "PriceClass_200" restrictions { geo_restriction { restriction_type = "whitelist" locations = ["US", "CA", "GB", "DE"] } } tags = { Environment = "production" } viewer_certificate { cloudfront_default_certificate = true } }
Import
terraform import aws_cloudfront_distribution.distribution E74FTE3EXAMPLE
Related terms
aws cloudfront get-distribution-config
aws cloudfront origin access identity
InvalidViewerCertificate
aws cloudfront create-distribution
- Terraform resource: aws cloudfront origin access control
- AWS::CloudFront::Distribution
- CORS
aws_acm_certificate_validation
aws_route53_record
Activities
See also
aws_cloudfront_distribution: domain_name, s3_origin_config, default_cache_behavior
, restrictions- Terraform AWS CloudFront: provider
aws_cloudfront_distribution, aws_cloudfront_origin_access_identity, aws_cloudfront_origin_access_control
, Terraform module: cloudfront
Advertising: