Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for a custom cache policy #140

Merged
merged 13 commits into from
May 11, 2021
1 change: 1 addition & 0 deletions README.md
Original file line number Diff line number Diff line change
@@ -275,6 +275,7 @@ Available targets:
| <a name="input_allowed_methods"></a> [allowed\_methods](#input\_allowed\_methods) | List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for AWS CloudFront | `list(string)` | <pre>[<br> "DELETE",<br> "GET",<br> "HEAD",<br> "OPTIONS",<br> "PATCH",<br> "POST",<br> "PUT"<br>]</pre> | no |
| <a name="input_attributes"></a> [attributes](#input\_attributes) | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| <a name="input_block_origin_public_access_enabled"></a> [block\_origin\_public\_access\_enabled](#input\_block\_origin\_public\_access\_enabled) | When set to 'true' the s3 origin bucket will have public access block enabled | `bool` | `false` | no |
| <a name="input_cache_policy_id"></a> [cache\_policy\_id](#input\_cache\_policy\_id) | The unique identifier of the cache policy that is attached to the default cache behavior | `string` | `null` | no |
| <a name="input_cached_methods"></a> [cached\_methods](#input\_cached\_methods) | List of cached methods (e.g. GET, PUT, POST, DELETE, HEAD) | `list(string)` | <pre>[<br> "GET",<br> "HEAD"<br>]</pre> | no |
| <a name="input_cloudfront_origin_access_identity_iam_arn"></a> [cloudfront\_origin\_access\_identity\_iam\_arn](#input\_cloudfront\_origin\_access\_identity\_iam\_arn) | Existing cloudfront origin access identity iam arn that is supplied in the s3 bucket policy | `string` | `""` | no |
| <a name="input_cloudfront_origin_access_identity_path"></a> [cloudfront\_origin\_access\_identity\_path](#input\_cloudfront\_origin\_access\_identity\_path) | Existing cloudfront origin access identity path used in the cloudfront distribution's s3\_origin\_config content | `string` | `""` | no |
1 change: 1 addition & 0 deletions docs/terraform.md
Original file line number Diff line number Diff line change
@@ -49,6 +49,7 @@
| <a name="input_allowed_methods"></a> [allowed\_methods](#input\_allowed\_methods) | List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for AWS CloudFront | `list(string)` | <pre>[<br> "DELETE",<br> "GET",<br> "HEAD",<br> "OPTIONS",<br> "PATCH",<br> "POST",<br> "PUT"<br>]</pre> | no |
| <a name="input_attributes"></a> [attributes](#input\_attributes) | Additional attributes (e.g. `1`) | `list(string)` | `[]` | no |
| <a name="input_block_origin_public_access_enabled"></a> [block\_origin\_public\_access\_enabled](#input\_block\_origin\_public\_access\_enabled) | When set to 'true' the s3 origin bucket will have public access block enabled | `bool` | `false` | no |
| <a name="input_cache_policy_id"></a> [cache\_policy\_id](#input\_cache\_policy\_id) | The unique identifier of the cache policy that is attached to the default cache behavior | `string` | `null` | no |
| <a name="input_cached_methods"></a> [cached\_methods](#input\_cached\_methods) | List of cached methods (e.g. GET, PUT, POST, DELETE, HEAD) | `list(string)` | <pre>[<br> "GET",<br> "HEAD"<br>]</pre> | no |
| <a name="input_cloudfront_origin_access_identity_iam_arn"></a> [cloudfront\_origin\_access\_identity\_iam\_arn](#input\_cloudfront\_origin\_access\_identity\_iam\_arn) | Existing cloudfront origin access identity iam arn that is supplied in the s3 bucket policy | `string` | `""` | no |
| <a name="input_cloudfront_origin_access_identity_path"></a> [cloudfront\_origin\_access\_identity\_path](#input\_cloudfront\_origin\_access\_identity\_path) | Existing cloudfront origin access identity path used in the cloudfront distribution's s3\_origin\_config content | `string` | `""` | no |
17 changes: 11 additions & 6 deletions main.tf
Original file line number Diff line number Diff line change
@@ -302,17 +302,22 @@ resource "aws_cloudfront_distribution" "default" {
default_cache_behavior {
allowed_methods = var.allowed_methods
cached_methods = var.cached_methods
cache_policy_id = var.cache_policy_id
target_origin_id = module.this.id
compress = var.compress
trusted_signers = var.trusted_signers

forwarded_values {
query_string = var.forward_query_string
query_string_cache_keys = var.query_string_cache_keys
headers = var.forward_header_values
dynamic "forwarded_values" {
# If a cache policy is specified, we cannot include a `forwarded_values` block at all in the API request
for_each = var.cache_policy_id == null ? [true] : []
content {
query_string = var.forward_query_string
query_string_cache_keys = var.query_string_cache_keys
headers = var.forward_header_values

cookies {
forward = var.forward_cookies
cookies {
forward = var.forward_cookies
}
}
}

6 changes: 6 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
@@ -197,6 +197,12 @@ variable "cached_methods" {
description = "List of cached methods (e.g. GET, PUT, POST, DELETE, HEAD)"
}

variable "cache_policy_id" {
type = string
default = null
description = "The unique identifier of the cache policy that is attached to the default cache behavior"
}

variable "default_ttl" {
type = number
default = 60