Added ability to attache web acl to cloudfront (#16)

* Added web_acl_id and dns_aliases_enabled

* Added web_acl_id

* removed dns_aliases_enabled

* added web_acl_id

* terraform fmt changes

README.md

@@ -116,6 +116,7 @@ Available targets:
 | tags | Additional tags (e.g. `map('BusinessUnit','XYZ')`) | map | `<map>` | no |
 | viewer_minimum_protocol_version | (Optional) The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. | string | `TLSv1` | no |
 | viewer_protocol_policy | allow-all, redirect-to-https | string | `redirect-to-https` | no |
+| web_acl_id | (Optional) - Web ACL ID that can be attached to the Cloudfront distribution | string | `` | no |
 
 ## Outputs
 

docs/terraform.md

@@ -47,6 +47,7 @@
 | tags | Additional tags (e.g. `map('BusinessUnit','XYZ')`) | map | `<map>` | no |
 | viewer_minimum_protocol_version | (Optional) The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. | string | `TLSv1` | no |
 | viewer_protocol_policy | allow-all, redirect-to-https | string | `redirect-to-https` | no |
+| web_acl_id | (Optional) - Web ACL ID that can be attached to the Cloudfront distribution | string | `` | no |
 
 ## Outputs
 

main.tf

@@ -100,6 +100,8 @@ resource "aws_cloudfront_distribution" "default" {
 
   cache_behavior = "${var.cache_behavior}"
 
+  web_acl_id = "${var.web_acl_id}"
+
   restrictions {
     geo_restriction {
       restriction_type = "${var.geo_restriction_type}"

variables.tf

@@ -52,6 +52,11 @@ variable "custom_error_response" {
   default = []
 }
 
+variable "web_acl_id" {
+  description = "(Optional) - Web ACL ID that can be attached to the Cloudfront distribution"
+  default     = ""
+}
+
 variable "origin_domain_name" {
   description = "(Required) - The DNS domain name of your custom origin (e.g. website)"
   default     = ""