Created
August 4, 2022 21:33
-
-
Save buckmaxwell/6de879a8ec3a3ee2ced2522e5c993cba to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
terraform { | |
required_providers { | |
aws = { | |
source = "hashicorp/aws" | |
version = "~> 3.0" | |
} | |
} | |
} | |
provider "aws" { | |
region = "us-east-2" | |
} | |
provider "aws" { | |
alias = "us-east-1" | |
region = "us-east-1" | |
} | |
resource "aws_s3_bucket" "tandem_owned_static" { | |
bucket = "tandem-owned-static" | |
} | |
resource "aws_s3_bucket_acl" "tandem_owned_static_acl" { | |
bucket = aws_s3_bucket.tandem_owned_static.id | |
acl = null | |
} | |
resource "aws_s3_bucket_ownership_controls" "tandem_owned_static_acl_ownership" { | |
bucket = aws_s3_bucket.tandem_owned_static.id | |
rule { | |
object_ownership = "BucketOwnerEnforced" | |
} | |
} | |
resource "aws_s3_bucket" "user_generated_static" { | |
bucket = "user-generated-static" | |
} | |
resource "aws_s3_bucket_ownership_controls" "user_generated_static_acl_ownership" { | |
bucket = aws_s3_bucket.user_generated_static.id | |
rule { | |
object_ownership = "ObjectWriter" | |
} | |
} | |
resource "aws_cloudfront_distribution" "E2VZO2KY5JGYYA" { | |
comment = "Javascript and non-user generated static assets for join-tandem.com" | |
is_ipv6_enabled = true | |
price_class = "PriceClass_100" | |
default_root_object = "index.html" | |
aliases = [ | |
"cdn.join-tandem.com", | |
"families.join-tandem.com", | |
"join-tandem.com", | |
] | |
enabled = true | |
origin { | |
connection_attempts = 3 | |
connection_timeout = 10 | |
domain_name = "tandem-owned-static.s3.us-east-2.amazonaws.com" | |
origin_id = "tandem-owned-static.s3.us-east-2.amazonaws.com" | |
s3_origin_config { | |
origin_access_identity = "origin-access-identity/cloudfront/E1M683Z04QQOF7" | |
} | |
} | |
restrictions { | |
geo_restriction { | |
restriction_type = "none" | |
} | |
} | |
default_cache_behavior { | |
compress = true | |
cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6" | |
target_origin_id = "tandem-owned-static.s3.us-east-2.amazonaws.com" | |
min_ttl = 0 | |
max_ttl = 0 | |
cached_methods = [ | |
"GET", | |
"HEAD", | |
] | |
allowed_methods = [ | |
"GET", | |
"HEAD", | |
] | |
viewer_protocol_policy = "allow-all" | |
lambda_function_association { | |
event_type = "origin-response" | |
include_body = false | |
lambda_arn = "arn:aws:lambda:us-east-1:009060434378:function:custom_index_html_manipulations:26" | |
} | |
} | |
viewer_certificate { | |
acm_certificate_arn = "arn:aws:acm:us-east-1:009060434378:certificate/c7ac7811-72bd-4b11-a643-56bebd4ba3e4" | |
cloudfront_default_certificate = false | |
ssl_support_method = "sni-only" | |
minimum_protocol_version = "TLSv1.2_2021" | |
} | |
} | |
resource "aws_cloudfront_distribution" "E2BAXCBKFSOMWI" { | |
comment = "User generated content for join-tandem.com" | |
aliases = [ | |
"static.join-tandem.com", | |
] | |
origin { | |
domain_name = "user-generated-static.s3.us-east-2.amazonaws.com" | |
origin_id = "user-generated-static.s3.us-east-2.amazonaws.com" | |
s3_origin_config { | |
origin_access_identity = "origin-access-identity/cloudfront/E3NIEXNJ03GML7" | |
} | |
} | |
restrictions { | |
geo_restriction { | |
restriction_type = "none" | |
} | |
} | |
default_cache_behavior { | |
compress = true | |
cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6" | |
allowed_methods = [ | |
"GET", | |
"HEAD", | |
"OPTIONS", | |
] | |
cached_methods = [ | |
"GET", | |
"HEAD", | |
] | |
viewer_protocol_policy = "allow-all" | |
target_origin_id = "user-generated-static.s3.us-east-2.amazonaws.com" | |
} | |
viewer_certificate { | |
minimum_protocol_version = "TLSv1.2_2021" | |
acm_certificate_arn = "arn:aws:acm:us-east-1:009060434378:certificate/25192413-4494-41de-be95-e3b8f97e99dc" | |
ssl_support_method = "sni-only" | |
} | |
enabled = true | |
is_ipv6_enabled = true | |
} | |
data "archive_file" "custom_index_html_manipulations_lambda_zip_dir" { | |
type = "zip" | |
output_path = "/tmp/custom_index_html_manipulations_lambda_dir.zip" | |
source_dir = "${path.module}/../../lambdas/custom_index_html_manipulations" | |
} | |
resource "aws_iam_role" "custom_index_html_manipulations_role" { | |
assume_role_policy = jsonencode( | |
{ | |
Version = "2012-10-17" | |
Statement = [ | |
{ | |
Effect = "Allow" | |
Action = "sts:AssumeRole" | |
Principal = { | |
Service = "lambda.amazonaws.com" | |
} | |
}, | |
{ | |
Effect = "Allow" | |
Action = "sts:AssumeRole" | |
Principal = { | |
Service = "edgelambda.amazonaws.com" | |
} | |
}, | |
] | |
} | |
) | |
managed_policy_arns = [ | |
"arn:aws:iam::009060434378:policy/service-role/AWSLambdaBasicExecutionRole-eb911a38-aabe-4742-bbc7-37aed85790b2", | |
] | |
name = "custom_index_html_manipulations-role-lzwp0pkp" | |
path = "/service-role/" | |
tags = {} | |
tags_all = {} | |
} | |
resource "aws_lambda_function" "custom_index_html_manipulations" { | |
provider = aws.us-east-1 | |
filename = data.archive_file.custom_index_html_manipulations_lambda_zip_dir.output_path | |
source_code_hash = data.archive_file.custom_index_html_manipulations_lambda_zip_dir.output_base64sha256 | |
function_name = "custom_index_html_manipulations" | |
role = aws_iam_role.custom_index_html_manipulations_role.arn | |
handler = "function.lamda_handler" | |
runtime = "python3.9" | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment