feat(src): comment cloud front
Victor Pino committed Jun 17, 2024
1 parent 67ec56a commit 8883eb2
Showing 5 changed files with 93 additions and 79 deletions.
12 changes: 6 additions & 6 deletions .github/workflows/deploy.yml
@@ -63,9 +63,9 @@ jobs:
run: |
aws ecs update-service --cluster $ECS_CLUSTER --service $ECS_SERVICE --force-new-deployment --region $AWS_REGION --desired-count 1
- name: Invalidate CloudFront Cache
env:
DISTRIBUTION_ID: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }}
AWS_REGION: ${{ secrets.AWS_REGION }}
run: |
aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths "/*"
# - name: Invalidate CloudFront Cache
# env:
# DISTRIBUTION_ID: ${{ secrets.CLOUDFRONT_DISTRIBUTION_ID }}
# AWS_REGION: ${{ secrets.AWS_REGION }}
# run: |
# aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths "/*"
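Review bot: The CloudFront invalidation step is disabled by commenting it out rather than deleting it, and the same is done to the whole distribution in terraform/fuap-backend/cloudfront.tf and to the two outputs in terraform/fuap-backend/outputs.tf. Commented-out infrastructure code drifts from what is deployed and is easy to re-enable without review; git history already preserves the old definition, so deleting the lines is cleaner. If the step is gone for good, the `CLOUDFRONT_DISTRIBUTION_ID` repository secret should also be removed so the workflow configuration holds nothing it no longer uses. If the removal is temporary, a one-line comment such as `# CloudFront disabled temporarily; re-enable together with terraform/fuap-backend/cloudfront.tf` would say so.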
104 changes: 52 additions & 52 deletions terraform/fuap-backend/cloudfront.tf
@@ -1,52 +1,52 @@
resource "aws_cloudfront_distribution" "main" {
origin {
domain_name = aws_lb.main.dns_name
origin_id = var.cloudfront_origin_id

custom_origin_config {
http_port = 80
https_port = 443
origin_protocol_policy = "https-only"
origin_ssl_protocols = ["TLSv1.2"] # Aquí especifica los protocolos SSL permitidos para la comunicación con el origen
}
}

enabled = true
is_ipv6_enabled = true
comment = "CDN for FUAP-DEV application"
default_root_object = "index.html"

default_cache_behavior {
allowed_methods = ["GET", "HEAD"]
cached_methods = ["GET", "HEAD"]
target_origin_id = var.cloudfront_origin_id

forwarded_values {
query_string = false
cookies {
forward = "none"
}
}

viewer_protocol_policy = "redirect-to-https"
min_ttl = 0
default_ttl = 86400
max_ttl = 31536000
}

price_class = var.cloudfront_price_class

restrictions {
geo_restriction {
restriction_type = "none"
}
}

viewer_certificate {
cloudfront_default_certificate = true
}

tags = {
Name = "fuap-dev-cloudfront"
}
}
# resource "aws_cloudfront_distribution" "main" {
# origin {
# domain_name = aws_lb.main.dns_name
# origin_id = var.cloudfront_origin_id

# custom_origin_config {
# http_port = 80
# https_port = 443
# origin_protocol_policy = "https-only"
# origin_ssl_protocols = ["TLSv1.2"] # Aquí especifica los protocolos SSL permitidos para la comunicación con el origen
# }
# }

# enabled = true
# is_ipv6_enabled = true
# comment = "CDN for FUAP-DEV application"
# default_root_object = "index.html"

# default_cache_behavior {
# allowed_methods = ["GET", "HEAD"]
# cached_methods = ["GET", "HEAD"]
# target_origin_id = var.cloudfront_origin_id

# forwarded_values {
# query_string = false
# cookies {
# forward = "none"
# }
# }

# viewer_protocol_policy = "redirect-to-https"
# min_ttl = 0
# default_ttl = 86400
# max_ttl = 31536000
# }

# price_class = var.cloudfront_price_class

# restrictions {
# geo_restriction {
# restriction_type = "none"
# }
# }

# viewer_certificate {
# cloudfront_default_certificate = true
# }

# tags = {
# Name = "fuap-dev-cloudfront"
# }
# }
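Review bot: Commenting out this distribution removes the only HTTPS enforcement visible in the commit, `viewer_protocol_policy = "redirect-to-https"`, and Terraform will plan to destroy the existing distribution on the next apply. Clients would presumably reach the load balancer directly afterwards, and the `lb` security group added in security_groups.tf opens ports 80 and 4433 but not 443. The listener configuration is not shown here, so confirm that the load balancer terminates TLS and redirects HTTP to HTTPS before this is applied. `var.cloudfront_origin_id` and `var.cloudfront_price_class` also appear to be left unused.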
2 changes: 1 addition & 1 deletion terraform/fuap-backend/load_balancer.tf
@@ -30,7 +30,7 @@ resource "aws_lb_target_group" "main" {
vpc_id = aws_vpc.main.id # Reemplaza con el ID de tu VPC

health_check {
path = "/"
path = "/api/docs"
protocol = "HTTP"
timeout = 5
interval = 30
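Review bot: Pointing the target group health check at `/api/docs` ties service health to the API documentation page, which suggests the docs are served in the deployed environment. Documentation endpoints are commonly disabled or put behind authentication outside development, and doing so later would mark every target unhealthy; they also tend to be heavier than a health probe needs. A dedicated unauthenticated endpoint that returns a minimal 200, for example `path = "/health"` if the application exposes one, keeps the check independent of the docs. The health_check block continues outside the hunk.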
12 changes: 6 additions & 6 deletions terraform/fuap-backend/outputs.tf
@@ -33,10 +33,10 @@ output "ecs_service_name" {
value = aws_ecs_service.main.name
}

output "cloudfront_distribution_id" {
value = aws_cloudfront_distribution.main.id
}
# output "cloudfront_distribution_id" {
# value = aws_cloudfront_distribution.main.id
# }

output "cloudfront_distribution_domain" {
value = aws_cloudfront_distribution.main.domain_name
}
# output "cloudfront_distribution_domain" {
# value = aws_cloudfront_distribution.main.domain_name
# }
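--- a/terraform/fuap-backend/security_groups.tf
+++ b/terraform/fuap-backend/security_groups.tf
@@ -4,20 +4,6 @@ resource "aws_security_group" "ecs" {
 Name = "ecs-sg"
 }
 
-ingress {
-from_port = 80
-to_port = 80
-protocol = "tcp"
-cidr_blocks = ["0.0.0.0/0"]
-}
-
-ingress {
-from_port = 443
-to_port = 443
-protocol = "tcp"
-cidr_blocks = ["0.0.0.0/0"]
-}
-
 ingress {
 from_port = 3000
 to_port = 3000
@@ -54,3 +40,31 @@ resource "aws_security_group" "rds" {
 cidr_blocks = ["0.0.0.0/0"]
 }
 }
+
+resource "aws_security_group" "lb" {
+vpc_id = aws_vpc.main.id
+tags = {
+Name = "lb-sg"
+}
+
+ingress {
+from_port = 80
+to_port = 80
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+
+ingress {
+from_port = 4433
+to_port = 4433
+protocol = "tcp"
+cidr_blocks = ["0.0.0.0/0"]
+}
+
+egress {
+from_port = 0
+to_port = 0
+protocol = "-1"
+cidr_blocks = ["0.0.0.0/0"]
+}
+}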
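Review bot: The new `lb` security group opens TCP 4433 to `0.0.0.0/0`, while the ingress rule removed from the `ecs` group in the first hunk was for 443; if 4433 is a typo, HTTPS to the load balancer is blocked and only plain HTTP on port 80 is reachable. If HTTPS on the standard port is intended, the rule should read `from_port = 443` and `to_port = 443`. The `ecs` rule for port 3000 and the `rds` rule with `cidr_blocks = ["0.0.0.0/0"]` are only partly visible as context; now that a dedicated `lb` group exists, it is worth checking that port 3000 is limited with `security_groups = [aws_security_group.lb.id]` and that the database group is not reachable from the internet. Adding a `description` to each rule would make the intent auditable.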
