jdb/personal-measure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

operations: WIP continuing definition for ECS-based API deployment.

Browse Source
This commit is contained in:
Jonathan Bernard
2021-07-03 03:36:41 -05:00
parent c2c4c8473d
commit 87ce9cc4d4
6 changed files with 32 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
operations/terraform/deployed_env/cloudfront.tf
View File

@ -6,18 +6,18 @@ data "aws_iam_policy_document" "bucket_access_policy" {
principals {
type = "AWS"
identifiers = [ "${aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn}" ]
identifiers = [ aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn ]
}
}
statement {
actions = [ "s3:ListBucket" ]
effect = "Allow"
resources = [ "${var.artifact_bucket.arn}" ]
resources = [ var.artifact_bucket.arn ]
principals {
type = "AWS"
identifiers = [ "${aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn}" ]
identifiers = [ aws_cloudfront_origin_access_identity.origin_access_identity.iam_arn ]
}
}
}
@ -32,12 +32,12 @@ resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
resource "aws_cloudfront_distribution" "s3_distribution" {
origin {
domain_name = "${var.artifact_bucket.bucket_regional_domain_name}"
domain_name = var.artifact_bucket.bucket_regional_domain_name
origin_id = "S3-PersonalMeasure-${var.environment}"
origin_path = "/${var.environment}/webroot"
s3_origin_config {
origin_access_identity = "${aws_cloudfront_origin_access_identity.origin_access_identity.cloudfront_access_identity_path}"
origin_access_identity = aws_cloudfront_origin_access_identity.origin_access_identity.cloudfront_access_identity_path
}
}
@ -48,11 +48,11 @@ resource "aws_cloudfront_distribution" "s3_distribution" {
logging_config {
include_cookies = false
bucket = "${var.artifact_bucket.bucket_domain_name}"
bucket = var.artifact_bucket.bucket_domain_name
prefix = "${var.environment}/logs/cloudfront"
}
aliases = ["${local.app_domain_name}"]
aliases = [local.app_domain_name]
default_cache_behavior {
allowed_methods = ["GET", "HEAD", "OPTIONS"]
@ -88,11 +88,11 @@ resource "aws_cloudfront_distribution" "s3_distribution" {
}
}
tags = {
Environment = "${var.environment}"
Environment = var.environment
}
viewer_certificate {
acm_certificate_arn = "${var.domain_cert_arn}"
acm_certificate_arn = var.domain_cert.arn
ssl_support_method = "sni-only"
}
}