39 lines
1.2 KiB
Terraform
39 lines
1.2 KiB
Terraform
|
provider "aws" {
|
||
|
region = var.aws_region
|
||
|
}
|
||
|
|
||
|
resource "aws_s3_bucket" "hff_entry_forms" {
|
||
|
bucket = var.app_root_url
|
||
|
acl = "log-delivery-write"
|
||
|
}
|
||
|
|
||
|
module "dev_env" {
|
||
|
source = "./deployed_env"
|
||
|
|
||
|
environment = "dev"
|
||
|
api_certificate_arn = var.api_certificate_arn
|
||
|
artifact_bucket = aws_s3_bucket.hff_entry_forms
|
||
|
cloudfront_certificate_arn = var.cloudfront_certificate_arn
|
||
|
ecr_repo = aws_ecr_repository.hff_entry_forms_api
|
||
|
}
|
||
|
|
||
|
module "prod_env" {
|
||
|
source = "./deployed_env"
|
||
|
|
||
|
environment = "prod"
|
||
|
api_certificate_arn = var.api_certificate_arn
|
||
|
artifact_bucket = aws_s3_bucket.hff_entry_forms
|
||
|
cloudfront_certificate_arn = var.cloudfront_certificate_arn
|
||
|
ecr_repo = aws_ecr_repository.hff_entry_forms_api
|
||
|
}
|
||
|
|
||
|
data "aws_iam_policy_document" "cloudfront_access_policy" {
|
||
|
source_json = "${module.dev_env.oai_access_policy.json}"
|
||
|
override_json = "${module.prod_env.oai_access_policy.json}"
|
||
|
}
|
||
|
|
||
|
resource "aws_s3_bucket_policy" "hff_entry_forms" {
|
||
|
bucket = aws_s3_bucket.hff_entry_forms.id
|
||
|
policy = data.aws_iam_policy_document.cloudfront_access_policy.json
|
||
|
}
|