resource "aws_cloudfront_distribution" "distribution" { enabled = true

1.  
2.  
3. resource "aws_cloudfront_distribution" "distribution" {
4.  
5. enabled = true
6.  
7. viewer_certificate {
8. cloudfront_default_certificate = true
9. }
10. restrictions {
11. geo_restriction {
12. restriction_type = "none"
13. }
14. }
15. origin {
16. domain_name = aws_s3_bucket.frontend_bucket.bucket_regional_domain_name
17. origin_id = "s3" # ID
18. }
19.  
20. origin {
21. domain_name = replace(aws_api_gateway_deployment.hailmeoout-api-deployment.invoke_url, "/^https?://([^/]*).*/", "$1")
22. origin_id = "apigw" # ID
23.  
24. custom_origin_config {
25. http_port = 80
26. https_port = 443
27. origin_protocol_policy = "https-only"
28. origin_ssl_protocols = ["TLSv1.2"]
29. }
30. }
31.  
32. default_cache_behavior {
33. allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
34. cached_methods = ["GET", "HEAD"]
35. target_origin_id = "s3" # Use the s3 origin
36.  
37. # Don't forward query string or cookies
38. forwarded_values {
39. query_string = false
40. cookies {
41. forward = "none"
42. }
43. }
44.  
45. viewer_protocol_policy = "redirect-to-https"
46. }
47.  
48. ordered_cache_behavior {
49. path_pattern = "/api/*"
50. allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
51. cached_methods = ["GET", "HEAD"]
52. target_origin_id = "apigw" # Use the apigw origin
53.  
54. # Disable caching
55. default_ttl = 0
56. min_ttl = 0
57. max_ttl = 0
58.  
59. # Forward everything
60. forwarded_values {
61. query_string = true
62. cookies {
63. forward = "all"
64. }
65. }
66.  
67. viewer_protocol_policy = "redirect-to-https"
68. }
69. }
70.  
71. output "frontend_url" {
72. value = aws_cloudfront_distribution.distribution.domain_name
73. }