# Required variables
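# Name given to the S3 bucket. The description also requires this value to be
# one of the DNS names the app is served from; nothing in this file enforces
# that relationship with var.origins, so callers have to keep the two in sync.
variable "primary_fqdn" {
  description = "This is what we will name the S3 bucket. This must be in the list of DNS names that the app will be served from otherwise this won't work correctly."
  # Explicit type: a list or map passed by mistake is rejected when the
  # variable is evaluated instead of surfacing later as a provider error.
  type = string
}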
# Domain names served by this deployment. Per the description, every entry is
# used twice: as a CORS origin on the S3 bucket and as an alias on the
# CloudFront distribution.
# NOTE(review): because each entry becomes an allowed CORS origin, keep this
# list to hostnames you control; how wildcard entries are handled is not
# visible from this file.
variable "origins" {
  description = "This is a list of domain names that will be passed into the CORS rule for the S3 bucket and the aliases list for cloud front. "
  type        = list(string)
}
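# Identifier assigned to the S3 origin inside the CloudFront distribution.
# The description asks that it stay stable once chosen.
variable "s3_origin_id" {
  description = "A unique name value to assign to the s3 origin in CF. Try not to change it much."
  # Explicit type so non-string input is rejected at variable evaluation.
  type = string
}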
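# ARN of the TLS certificate presented by the distribution. The certificate
# must already exist; this module only references it.
# NOTE(review): if this is an ACM certificate, CloudFront requires it to be
# issued in us-east-1 - confirm against the caller.
variable "cert_arn" {
  description = "The ARN for a cert that will be fronting this distro. Make sure it exists."
  # Explicit type so non-string input is rejected at variable evaluation.
  type = string
}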
# Optional variables
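# Optional routing-rules document for the S3 bucket, passed as a string.
# The empty-string default means no routing rules are supplied.
variable "routing_rules" {
  description = "A string containing a compatible policy document with routing rules to assign to the S3 bucket. Defaults to empty."
  # Explicit type: the description already calls for a string, so a decoded
  # object or list passed by mistake is rejected early.
  type    = string
  default = ""
}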
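# Object CloudFront returns when a viewer requests the root URL.
variable "default_root_object" {
  description = "The object that you want CloudFront to return when an end user requests the root URL."
  # Explicit type so non-string input is rejected at variable evaluation.
  type    = string
  default = "index.html"
}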
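# Path of the application's entrypoint file as deployed.
variable "web_index_doc" {
  description = "The path to the file where your app will deploy it's entrypoint."
  # Explicit type so non-string input is rejected at variable evaluation.
  type    = string
  default = "index.html"
}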
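# Path of the custom error document S3 serves when a request fails.
variable "web_error_doc" {
  description = "The path to any custom error files that S3 will serve if there's a problem."
  # Explicit type so non-string input is rejected at variable evaluation.
  type    = string
  default = "error.html"
}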
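# Max age, in seconds, set on the S3 bucket's CORS rules.
variable "cors_max_age_seconds" {
  description = "Max age for a CORS call in seconds. Assigned to the cors rules for the S3 bucket."
  # Explicit type: the value is a duration in seconds, so anything that cannot
  # be converted to a number is rejected at variable evaluation.
  type    = number
  default = 3000
}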
# Response headers exposed through the S3 bucket's CORS configuration.
# The empty default exposes no additional headers.
variable "cors_expose_headers" {
  description = "The list of headers to expose on the S3 bucket. Defaults to an empty list."
  type        = list(string)
  default     = []
}
# Custom error response blocks for the distribution; empty by default.
# NOTE(review): list(any) gives no schema checking on the entries, so a
# misspelled key is only caught wherever the module consumes the list.
variable "custom_error_responses" {
  description = "A list of custom error response blocks. You probably won't need this unless you have a complex deployment."
  type        = list(any)
  default     = []
}
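# Geo-restriction mode for the CloudFront distribution. The default "none"
# applies no restriction.
variable "restriction_type" {
  description = "The restriction type for the CF distro when restricting content. Defaults to none."
  type        = string
  default     = "none"

  # CloudFront accepts exactly these three modes; checking here turns a typo
  # into a clear variable error instead of a provider failure.
  validation {
    condition     = contains(["none", "whitelist", "blacklist"], var.restriction_type)
    error_message = "The restriction_type value must be one of: none, whitelist, blacklist."
  }
}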
# Locations the geo-restriction applies to. Per the description this list is
# ignored while the restriction type is "none".
# NOTE(review): a populated list with restriction_type left at "none" therefore
# restricts nothing - confirm both are set together by callers.
variable "restriction_locations" {
  description = "The list of locations to apply to the restriction type. Note this is ignored if the restriction type is none."
  type        = list(string)
  default     = []
}
# Default cache behavior of the distribution. Every attribute is optional and
# falls back to the default declared here, so `{}` yields a complete object.
variable "default_cache_behavior" {
  type = object({
    # HTTP methods accepted / cached.
    allowed_methods = optional(list(string), ["GET", "HEAD", "OPTIONS"])
    cached_methods  = optional(list(string), ["GET", "HEAD"])

    # Defaults to redirecting HTTP viewers to HTTPS. Overriding this with
    # "allow-all" would let viewers use plain HTTP.
    viewer_protocol_policy = optional(string, "redirect-to-https")

    compress = optional(bool, false)

    # Cache lifetimes (seconds).
    min_ttl     = optional(number, 1)
    default_ttl = optional(number, 3600)
    max_ttl     = optional(number, 86400)

    # What is forwarded to the origin. Query strings are forwarded by default;
    # cookies and headers are not.
    # NOTE(review): how an empty query_string_cache_keys list is interpreted
    # depends on the module body, which is not visible here.
    forward_query_strings    = optional(bool, true)
    query_string_cache_keys  = optional(list(string), [])
    forward_cookies          = optional(string, "none")
    whitelisted_cookie_names = optional(list(string), [])
    forward_headers          = optional(list(string), [])

    # Edge code attached to this behavior. include_body defaults to false, so
    # request bodies are not passed to the Lambda function unless asked for.
    lambda_function_associations = optional(list(object({
      event_type   = string
      lambda_arn   = string
      include_body = optional(bool, false)
    })), [])
    function_associations = optional(list(object({
      event_type   = string
      function_arn = string
    })), [])
  })
  description = "The default cache behavior for this distribute. See the modules/cache_behavior submodule for a simple way to create this."
  default     = {}
}
# Path-specific cache behaviors, highest precedence first (index 0). Only
# path_pattern is required per entry; the rest fall back to the defaults below.
variable "ordered_cache_behaviors" {
  type = list(object({
    path_pattern = string

    # HTTP methods accepted / cached.
    allowed_methods = optional(list(string), ["GET", "HEAD", "OPTIONS"])
    cached_methods  = optional(list(string), ["GET", "HEAD"])

    # Defaults to redirecting HTTP viewers to HTTPS. An entry that overrides
    # this with "allow-all" would let viewers use plain HTTP for its paths.
    viewer_protocol_policy = optional(string, "redirect-to-https")

    compress = optional(bool, false)

    # Cache lifetimes (seconds).
    min_ttl     = optional(number, 1)
    default_ttl = optional(number, 3600)
    max_ttl     = optional(number, 86400)

    # What is forwarded to the origin. Query strings are forwarded by default;
    # cookies and headers are not.
    forward_query_strings    = optional(bool, true)
    query_string_cache_keys  = optional(list(string), [])
    forward_cookies          = optional(string, "none")
    whitelisted_cookie_names = optional(list(string), [])
    forward_headers          = optional(list(string), [])

    # Edge code attached to this behavior. include_body defaults to false, so
    # request bodies are not passed to the Lambda function unless asked for.
    lambda_function_associations = optional(list(object({
      event_type   = string
      lambda_arn   = string
      include_body = optional(bool, false)
    })), [])
    function_associations = optional(list(object({
      event_type   = string
      function_arn = string
    })), [])
  }))
  description = "An ordered list of cache behaviors for this distribution. List from top to bottom in order or precedence. The topmost cache behavior will have precedence 0. See the modules/cache_behavior submodule for a simple way to create this."
  default     = []
}
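# Object ownership setting for the S3 bucket.
# The "ObjectWriter" default is kept for backward compatibility; it leaves
# bucket/object ACLs in effect. "BucketOwnerEnforced" disables ACLs so access
# is governed by policies only - prefer it for new deployments where nothing
# depends on ACLs.
variable "bucket_object_ownership" {
  description = "See https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_ownership_controls#object_ownership : BucketOwnerPreferred, ObjectWriter or BucketOwnerEnforced. Defaults to ObjectWriter."
  type        = string
  default     = "ObjectWriter"

  # Only the three values named in the description are accepted; a typo is
  # reported as a variable error instead of a provider failure.
  validation {
    condition     = contains(["BucketOwnerPreferred", "ObjectWriter", "BucketOwnerEnforced"], var.bucket_object_ownership)
    error_message = "The bucket_object_ownership value must be one of: BucketOwnerPreferred, ObjectWriter, BucketOwnerEnforced."
  }
}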
# When true, the S3 bucket may be destroyed even if it still holds objects.
# Left at false, a non-empty bucket blocks destruction, which guards against
# accidental loss of deployed content.
variable "allow_destroy_s3" {
  description = "Allow the S3 bucket to be destroyed even when not empty. Defaults to false."
  default     = false
  type        = bool
}
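# ARN of the WAF Web ACL to attach to the CloudFront distribution. With the
# null default no Web ACL is supplied, so the distribution is only protected
# by a WAF when a caller passes a value here.
# NOTE(review): the description says not to use a separate web-ACL association
# for this; the attachment is presumably done on the distribution itself -
# confirm in the module body.
variable "waf_web_acl_arn" {
  description = "The ARN of the WAF Web ACL to associate with the cloudfront distribution. If you want to associate a WAF with the distribution you must provide this value. Do not use an AssociateWebACL. Defaults to null."
  # Explicit type so non-string input is rejected at variable evaluation;
  # null remains a valid value for a string-typed variable.
  type    = string
  default = null
}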