Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding origin_access_control_id to custom_origins #326

Merged
merged 2 commits into from
Nov 4, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion docs/terraform.md
Original file line number Diff line number Diff line change
Expand Up @@ -88,7 +88,7 @@
| <a name="input_cors_max_age_seconds"></a> [cors\_max\_age\_seconds](#input\_cors\_max\_age\_seconds) | Time in seconds that browser can cache the response for S3 bucket | `number` | `3600` | no |
| <a name="input_custom_error_response"></a> [custom\_error\_response](#input\_custom\_error\_response) | List of one or more custom error response element maps | <pre>list(object({<br> error_caching_min_ttl = string<br> error_code = string<br> response_code = string<br> response_page_path = string<br> }))</pre> | `[]` | no |
| <a name="input_custom_origin_headers"></a> [custom\_origin\_headers](#input\_custom\_origin\_headers) | A list of origin header parameters that will be sent to origin | `list(object({ name = string, value = string }))` | `[]` | no |
| <a name="input_custom_origins"></a> [custom\_origins](#input\_custom\_origins) | A list of additional custom website [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) for this distribution. | <pre>list(object({<br> domain_name = string<br> origin_id = string<br> origin_path = string<br> custom_headers = list(object({<br> name = string<br> value = string<br> }))<br> custom_origin_config = object({<br> http_port = number<br> https_port = number<br> origin_protocol_policy = string<br> origin_ssl_protocols = list(string)<br> origin_keepalive_timeout = number<br> origin_read_timeout = number<br> })<br> }))</pre> | `[]` | no |
| <a name="input_custom_origins"></a> [custom\_origins](#input\_custom\_origins) | A list of additional custom website [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) for this distribution. | <pre>list(object({<br> domain_name = string<br> origin_id = string<br> origin_path = string<br> origin_access_control_id = string<br> custom_headers = list(object({<br> name = string<br> value = string<br> }))<br> custom_origin_config = object({<br> http_port = number<br> https_port = number<br> origin_protocol_policy = string<br> origin_ssl_protocols = list(string)<br> origin_keepalive_timeout = number<br> origin_read_timeout = number<br> })<br> }))</pre> | `[]` | no |
| <a name="input_default_root_object"></a> [default\_root\_object](#input\_default\_root\_object) | Object that CloudFront return when requests the root URL | `string` | `"index.html"` | no |
| <a name="input_default_ttl"></a> [default\_ttl](#input\_default\_ttl) | Default amount of time (in seconds) that an object is in a CloudFront cache | `number` | `60` | no |
| <a name="input_delimiter"></a> [delimiter](#input\_delimiter) | Delimiter to be used between ID elements.<br>Defaults to `-` (hyphen). Set to `""` to use no delimiter at all. | `string` | `null` | no |
Expand Down
11 changes: 7 additions & 4 deletions examples/complete/custom-origins.tf
Original file line number Diff line number Diff line change
@@ -1,10 +1,13 @@
locals {
additional_custom_origins_enabled = local.enabled && var.additional_custom_origins_enabled
default_custom_origin_configuration = {
domain_name = null
origin_id = null
origin_path = null
custom_headers = []
domain_name = null
origin_id = null
origin_path = null
# Example configuration with Origin Access Control for Lambda@Edge:
# origin_access_control_id = aws_cloudfront_origin_access_control.example.id
origin_access_control_id = null
custom_headers = []
gberenice marked this conversation as resolved.
Show resolved Hide resolved
custom_origin_config = {
http_port = 80
https_port = 443
Expand Down
7 changes: 4 additions & 3 deletions main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -551,9 +551,10 @@ resource "aws_cloudfront_distribution" "default" {
dynamic "origin" {
for_each = var.custom_origins
content {
domain_name = origin.value.domain_name
origin_id = origin.value.origin_id
origin_path = lookup(origin.value, "origin_path", "")
domain_name = origin.value.domain_name
origin_id = origin.value.origin_id
origin_path = lookup(origin.value, "origin_path", "")
origin_access_control_id = lookup(origin.value, "origin_access_control_id", null)
dynamic "custom_header" {
for_each = lookup(origin.value, "custom_headers", [])
content {
Expand Down
9 changes: 6 additions & 3 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -446,9 +446,10 @@ variable "ordered_cache" {

variable "custom_origins" {
type = list(object({
domain_name = string
origin_id = string
origin_path = string
domain_name = string
origin_id = string
origin_path = string
origin_access_control_id = optional(string)
gberenice marked this conversation as resolved.
Show resolved Hide resolved
custom_headers = list(object({
name = string
value = string
Expand All @@ -465,6 +466,8 @@ variable "custom_origins" {
default = []
description = <<-EOT
A list of additional custom website [origins](https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments) for this distribution.
The `origin_access_control_id` field specifies the Origin Access Control configuration to use for this origin.
This is used to configure secure access between CloudFront and the origin.
gberenice marked this conversation as resolved.
Show resolved Hide resolved
EOT
}

Expand Down