
@bhornseth
Forked from danihodovic/main.tf
Created March 27, 2022 12:26

Revisions

  1. @danihodovic danihodovic created this gist Jan 8, 2017.
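--- a/main.tf
+++ b/main.tf
@@ -0,0 +1,112 @@
+variable "aws_region" {
+default = "eu-west-1"
+}
+
+variable "domain" {
+default = "my_domain"
+}
+
+provider "aws" {
+region = "${var.aws_region}"
+}
+
+# Note: The bucket name needs to carry the same name as the domain!
+# http://stackoverflow.com/a/5048129/2966951
+resource "aws_s3_bucket" "site" {
+bucket = "${var.domain}"
+acl = "public-read"
+
+policy = <<EOF
+{
+"Version":"2008-10-17",
+"Statement":[{
+"Sid":"AllowPublicRead",
+"Effect":"Allow",
+"Principal": {"AWS": "*"},
+"Action":["s3:GetObject"],
+"Resource":["arn:aws:s3:::${var.domain}/*"]
+}]
+}
+EOF
+
+website {
+index_document = "index.html"
+}
+}
+
+# Note: Creating this route53 zone is not enough. The domain's name servers need to point to the NS
+# servers of the route53 zone. Otherwise the DNS lookup will fail.
+# To verify that the dns lookup succeeds: `dig site @nameserver`
+resource "aws_route53_zone" "main" {
+name = "${var.domain}"
+}
+
+resource "aws_route53_record" "root_domain" {
+zone_id = "${aws_route53_zone.main.zone_id}"
+name = "${var.domain}"
+type = "A"
+
+alias {
+name = "${aws_cloudfront_distribution.cdn.domain_name}"
+zone_id = "${aws_cloudfront_distribution.cdn.hosted_zone_id}"
+evaluate_target_health = false
+}
+}
+
+resource "aws_cloudfront_distribution" "cdn" {
+origin {
+origin_id = "${var.domain}"
+domain_name = "${var.domain}.s3.amazonaws.com"
+}
+
+# If using route53 aliases for DNS we need to declare it here too, otherwise we'll get 403s.
+aliases = ["${var.domain}"]
+
+enabled = true
+default_root_object = "index.html"
+
+default_cache_behavior {
+allowed_methods = ["GET", "HEAD", "OPTIONS"]
+cached_methods = ["GET", "HEAD"]
+target_origin_id = "${var.domain}"
+
+forwarded_values {
+query_string = true
+cookies {
+forward = "none"
+}
+}
+
+viewer_protocol_policy = "allow-all"
+min_ttl = 0
+default_ttl = 3600
+max_ttl = 86400
+}
+
+# The cheapest priceclass
+price_class = "PriceClass_100"
+
+# This is required to be specified even if it's not used.
+restrictions {
+geo_restriction {
+restriction_type = "none"
+locations = []
+}
+}
+
+viewer_certificate {
+cloudfront_default_certificate = true
+}
+}
+
+output "s3_website_endpoint" {
+value = "${aws_s3_bucket.site.website_endpoint}"
+}
+
+output "route53_domain" {
+value = "${aws_route53_record.root_domain.fqdn}"
+}
+
+output "cdn_domain" {
+value = "${aws_cloudfront_distribution.cdn.domain_name}"
+}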
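Review bot: The `aws_s3_bucket.site` resource is opened to the world twice, through `acl = "public-read"` (which on a bucket also grants anonymous listing) and through a policy with `"Principal": {"AWS": "*"}`, so every object can be fetched directly from S3 without going through the CloudFront distribution. Because the origin already points at the REST endpoint (`${var.domain}.s3.amazonaws.com`) rather than the website endpoint, the bucket can be made private and read access granted only to a CloudFront origin access identity, as sketched below; the `s3_website_endpoint` output would then no longer serve content publicly, which is the intended effect. Separately, `viewer_protocol_policy = "allow-all"` lets the site be served over plain HTTP; `"redirect-to-https"` is the safer setting, but the default CloudFront certificate does not cover the alias in `aliases`, so that change also needs an ACM certificate for the domain in `viewer_certificate`.

```hcl
resource "aws_cloudfront_origin_access_identity" "site" {
  comment = "Read access to the ${var.domain} bucket"
}

resource "aws_s3_bucket" "site" {
  bucket = "${var.domain}"
  acl    = "private"

  policy = <<EOF
{
  "Version": "2008-10-17",
  "Statement": [{
    "Sid": "AllowCloudFrontRead",
    "Effect": "Allow",
    "Principal": {"AWS": "${aws_cloudfront_origin_access_identity.site.iam_arn}"},
    "Action": ["s3:GetObject"],
    "Resource": ["arn:aws:s3:::${var.domain}/*"]
  }]
}
EOF
  # … unchanged: website block …
}

resource "aws_cloudfront_distribution" "cdn" {
  origin {
    # … unchanged: origin_id, domain_name …

    s3_origin_config {
      origin_access_identity = "${aws_cloudfront_origin_access_identity.site.cloudfront_access_identity_path}"
    }
  }
  # … unchanged: aliases, cache behaviour, price class, restrictions, certificate …
}
```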