Merge pull request #5 from eabdelmaqsod/feature/0.12upgrade

Feature/0.12upgrade
zoitech · Oct 7, 2020 · 58e8727 · 58e8727
2 parents a25f31a + 2e128d9
commit 58e8727
Show file tree

Hide file tree

Showing 7 changed files with 76 additions and 43 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,9 @@
+## 1.0.0
+ENHANCEMENTS:
+* Upgrade TF to version 12 ([#4](https://github.com/zoitech/terraform-aws-cloudfront/issues/4))
+
 ## 0.0.2 (Unreleased)
 ENHANCEMENTS:
 
 * Add custom response error referrenced in issue ([#3](https://github.com/zoitech/terraform-aws-cloudfront/issues/3))
-* Add default_cache_behavior ( header )
+* Add default_cache_behavior ( header )
diff --git a/README.md b/README.md
@@ -57,7 +57,7 @@ module "my_cloudfront" {
   restriction_type = "none"
 
   # Certificate
-  acm_certificate_arn      = "${data.aws_acm_certificate.my_acm_certificate.arn}"
+  acm_certificate_arn      = data.aws_acm_certificate.my_acm_certificate.arn
   minimum_protocol_version = "TLSv1.1_2016"
   ssl_support_method       = "sni-only"
 }
@@ -66,4 +66,4 @@ module "my_cloudfront" {
 #### Outputs
 The following outputs are possible:
 * domain_name  (The domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net)
-* hosted_zone_id (The CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.)
+* hosted_zone_id (The CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.)
diff --git a/cloudfront.tf b/cloudfront.tf
@@ -1,33 +1,46 @@
 resource "aws_cloudfront_distribution" "distribution" {
   origin {
-    domain_name = "${var.dns_domain_name}"
-    origin_id   = "${var.origin_id}"
-
+    domain_name = var.dns_domain_name
+    origin_id   = var.origin_id
     # s3_origin_config {
     #   origin_access_identity = "origin-access-identity/cloudfront/ABCDEFG1234567"
     # }
   }
 
-  enabled             = "${var.state_enabled}"
-  is_ipv6_enabled     = "${var.is_ipv6_enabled}"
-  comment             = "${var.comment}"
-  default_root_object = "${var.default_root_object}"
+  enabled             = var.state_enabled
+  is_ipv6_enabled     = var.is_ipv6_enabled
+  comment             = var.comment
+  default_root_object = var.default_root_object
 
   logging_config {
-    include_cookies = "${var.logging_config_include_cookies}" #The logging configuration that controls how logs are written to your distribution (maximum one).
-    bucket          = "${var.logging_config_bucket}"
-    prefix          = "${var.logging_config_prefix}"
+    include_cookies = var.logging_config_include_cookies #The logging configuration that controls how logs are written to your distribution (maximum one).
+    bucket          = var.logging_config_bucket
+    prefix          = var.logging_config_prefix
   }
- 
-  aliases = "${var.aliases}" #list
+
+  aliases = var.aliases #list
 
   # Custom Error response
-  custom_error_response = ["${var.custom_error_response}" ] #list
-
+  dynamic "custom_error_response" {
+    for_each = [for i in var.custom_error_response : {
+      error_caching_min_ttl = i.error_caching_min_ttl
+      error_code            = i.error_code
+      response_code         = i.response_code
+      response_page_path    = i.response_page_path
+    }]
+
+    content {
+      error_caching_min_ttl = custom_error_response.value.error_caching_min_ttl
+      error_code            = custom_error_response.value.error_code
+      response_code         = custom_error_response.value.response_code
+      response_page_path    = custom_error_response.value.response_page_path
+    }
+  }
+
   default_cache_behavior {
-    allowed_methods  = "${var.default_cache_behavior_allowed_methods}" #list
-    cached_methods   = "${var.default_cache_behavior_cached_methods}"  #list
-    target_origin_id = "${var.target_origin_id}"
+    allowed_methods  = var.default_cache_behavior_allowed_methods #list
+    cached_methods   = var.default_cache_behavior_cached_methods  #list
+    target_origin_id = var.target_origin_id
 
     forwarded_values {
       query_string = false
@@ -36,27 +49,28 @@ resource "aws_cloudfront_distribution" "distribution" {
         forward = "none"
       }
 
-      headers = "${var.default_cache_behavior_forwarded_values_headers}" #list
+      headers = var.default_cache_behavior_forwarded_values_headers #list
     }
 
-    viewer_protocol_policy = "${var.viewer_protocol_policy}"
+    viewer_protocol_policy = var.viewer_protocol_policy
     min_ttl                = 0
     default_ttl            = 3600
     max_ttl                = 86400
   }
 
-  price_class = "${var.price_class}"
+  price_class = var.price_class
 
   restrictions {
     geo_restriction {
-      restriction_type = "${var.restriction_type}"
-      locations        = "${var.restriction_locations}"
+      restriction_type = var.restriction_type
+      locations        = var.restriction_locations
     }
   }
 
   viewer_certificate {
-    acm_certificate_arn = "${var.acm_certificate_arn}"
-    minimum_protocol_version = "${var.minimum_protocol_version}"
-    ssl_support_method = "${var.ssl_support_method}"
+    acm_certificate_arn      = var.acm_certificate_arn
+    minimum_protocol_version = var.minimum_protocol_version
+    ssl_support_method       = var.ssl_support_method
   }
 }
+
diff --git a/outputs.tf b/outputs.tf
@@ -1,6 +1,8 @@
 output "domain_name" {
-  value = "${aws_cloudfront_distribution.distribution.domain_name}"
+  value = aws_cloudfront_distribution.distribution.domain_name
 }
+
 output "hosted_zone_id" {
-  value = "${aws_cloudfront_distribution.distribution.hosted_zone_id}"
-}
+  value = aws_cloudfront_distribution.distribution.hosted_zone_id
+}
+
diff --git a/provider.tf b/provider.tf
@@ -0,0 +1,3 @@
+provider "aws" {
+  region = var.region
+}
diff --git a/variables.tf b/variables.tf
@@ -44,22 +44,22 @@ variable "logging_config_prefix" {
 }
 
 variable "aliases" {
-  type        = "list"
+  type        = list(string)
   description = "(Optional) - Extra CNAMEs (alternate domain names), if any, for this distribution."
 }
 
 variable "default_cache_behavior_allowed_methods" {
-  type        = "list"
+  type        = list(string)
   description = "(Required) - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin."
 }
 
 variable "default_cache_behavior_cached_methods" {
-  type        = "list"
+  type        = list(string)
   description = "(Required) - Controls whether CloudFront caches the response to requests using the specified HTTP methods."
 }
 
 variable "default_cache_behavior_forwarded_values_headers" {
-  type        = "list"
+  type        = list(string)
   description = "(Required) - Specifies the Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers."
 }
 
@@ -81,7 +81,7 @@ variable "restriction_type" {
 }
 
 variable "restriction_locations" {
-  type        = "list"
+  type        = list(string)
   description = "(Optional) - The ISO 3166-1-alpha-2 codes for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist)."
   default     = []
 }
@@ -91,14 +91,20 @@ variable "acm_certificate_arn" {
 }
 
 variable "minimum_protocol_version" {
- description = "The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. One of SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016 or TLSv1.2_2018. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified."
-} 
+  description = "The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. One of SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016 or TLSv1.2_2018. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified."
+}
+
 variable "ssl_support_method" {
- description = "Specifies how you want CloudFront to serve HTTPS requests. One of vip or sni-only. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges."
-} 
+  description = "Specifies how you want CloudFront to serve HTTPS requests. One of vip or sni-only. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges."
+}
 
 variable "custom_error_response" {
   description = "(Optional) - One or more custom error response elements (multiples allowed)."
-  type = "list"
-  default = []
-}
+  type        = any
+  default     = []
+}
+
+variable "region" {
+  description = "region"
+  default     = "eu-west-1"
+}
diff --git a/versions.tf b/versions.tf
@@ -0,0 +1,4 @@
+
+terraform {
+  required_version = ">= 0.12"
+}