🙌

【Terraform】AWS CloudFront ディストリビューションのテンプレート

2022/10/22に公開約5,500字

概要

Terraform で AWS の CloudFront ディストリビューションを作成するときの個人的なテンプレートファイルです。

環境

Terraform 1.2.5
Terraform AWS Provider 4.22.0

コード

# Reference: 
#  https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution
#  https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html

resource "aws_cloudfront_distribution" "example" {
  enabled             = true # Required
  comment             = ""
  aliases             = ""
  price_class         = "PriceClass_200"
  http_version        = "http2"
  is_ipv6_enabled     = true
  default_root_object = ""
  web_acl_id          = ""

  tags = {
    Name = ""
  }

  # Required
  origin {
    domain_name         = "" # Required
    origin_id           = "" # Required
    origin_path         = ""
    connection_attempts = 3  # Default
    connection_timeout  = 10 # Default

    # custom_header {
    #   name  = ""
    #   value = ""
    # }

    # If an S3 origin is required, use s3_origin_config instead.
    custom_origin_config {
      http_port                = 80                              # Required
      https_port               = 443                             # Required
      origin_protocol_policy   = "https-only"                    # Required
      origin_ssl_protocols     = ["TLSv1", "TLSv1.1", "TLSv1.2"] # Required
      origin_read_timeout      = 30                              # Default
      origin_keepalive_timeout = 5                               # Default
    }
    # s3_origin_config {
    #   origin_access_identity = ""
    # }
  }

  # Required
  default_cache_behavior {
    target_origin_id = ""                                                           # Required
    allowed_methods  = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"] # Required
    cached_methods   = ["GET", "HEAD"]                                              # Required
    # Reference: https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
    # cache_policy_id  = ""

    # If a cache policy is required, use cache_policy_id instead.
    forwarded_values {
      # headers      = []
      query_string = false

      cookies {
        forward = "none" # Required
      }
    }

    # Reference: https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
    min_ttl                = 0        # Default
    default_ttl            = 86400    # Default
    max_ttl                = 31536000 # Default
    compress               = true
    viewer_protocol_policy = "redirect-to-https" # Required
  }

  # Cache behavior with precedence 0
  ordered_cache_behavior {
    path_pattern     = ""                                                           # Required
    target_origin_id = ""                                                           # Required
    allowed_methods  = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"] # Required
    cached_methods   = ["GET", "HEAD"]                                              # Required
    # Reference: https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
    # cache_policy_id  = ""

    # If a cache policy is required, use cache_policy_id instead.
    forwarded_values {
      # headers      = []
      query_string = false

      cookies {
        forward = "none" # Required
      }
    }

    # Reference: https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
    min_ttl                = 0        # Default
    default_ttl            = 86400    # Default
    max_ttl                = 31536000 # Default
    compress               = true
    viewer_protocol_policy = "redirect-to-https" # Required
  }

  # # Cache behavior with precedence 1
  # ordered_cache_behavior {
  #   path_pattern     = ""                                                           # Required
  #   target_origin_id = ""                                                           # Required
  #   allowed_methods  = ["GET", "HEAD", "OPTIONS", "PUT", "POST", "PATCH", "DELETE"] # Required
  #   cached_methods   = ["GET", "HEAD"]                                              # Required
  #   # 参考: https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
  #   # cache_policy_id  = ""

  #   # If a cache policy is required, use cache_policy_id instead.
  #   forwarded_values {
  #     # headers      = []
  #     query_string = false

  #     cookies {
  #       forward = "none" # Required
  #     }
  #   }

  #   # Reference: https://docs.aws.amazon.com/ja_jp/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
  #   min_ttl                = 0
  #   default_ttl            = 0
  #   max_ttl                = 300
  #   compress               = true
  #   viewer_protocol_policy = "redirect-to-https" # Required
  # }

  logging_config {
    bucket          = ""
    prefix          = ""
    include_cookies = false
  }

  # Required
  viewer_certificate {
    cloudfront_default_certificate = false
    acm_certificate_arn            = ""
    ssl_support_method             = "sni-only"
    minimum_protocol_version       = "TLSv1.2"
  }

  # Required
  restrictions {
    geo_restriction {
      locations        = []
      restriction_type = "none"
    }
  }
}

# If an S3 origin is required, uncomment.
# resource "aws_cloudfront_origin_access_identity" "example" {
#   comment = ""
# }

Discussion

ログインするとコメントできます