Commit 46d3e245 authored by Bertrand PINEL's avatar Bertrand PINEL

Add S3 bucket and CloudFront terraform

parent bbc80fb5
......@@ -4,7 +4,7 @@ Installing AWS infrastructure through Terraform scripts
This file explains how to set up the expected infrastructure awaited to implement the JSON API.
The installation is based on Terraform (https://www.terraform.io/)
It expects that by AWS CLI and Terraform have previously been installed and set up correctly.
It expects that both AWS CLI and Terraform have been previously installed and set up correctly.
The AWS Credentials should also have been set up
How it works
......@@ -14,7 +14,7 @@ AWS JSON API server relies on 3 main components, plus the needed IAM roles :
- A lambda function in charge of the translation from JSON API format to dynamoDB objects and managing the relationships and the optional parameters provided in the request
- An API Gateway configured to received the REST HTTP requests and proxying the Lambda
Three Terraform files are available, each one created the needed component and their relationships with each other.
Several Terraform files are available, each one creating the needed component and their relationships with each other.
Installation
------------------------------------------------------------------------------
......@@ -31,6 +31,6 @@ aws s3 cp lambda-jsonapi.zip s3://lambda-jsonapi-code-bucket/v1.0.0/lambda-jsona
```
One this is done, simply run the terraform script :
```
terraform apply
terraform apply -var bucket_name=<bucket name for static web site>
```
For a strange reason I don't understand, the first time you run the terraform command, the mapping for the integration response fails. You have to run the command again to have your complete setup.
\ No newline at end of file
variable "bucket_name_production" {
type = "string"
default = "ember-aws-ehipster-production"
}
variable "bucket_name_staging" {
type = "string"
default = "ember-aws-ehipster-staging"
}
resource "aws_s3_bucket" "production" {
bucket = "${var.bucket_name_production}"
acl = "public-read"
website {
index_document = "index.html"
error_document = "index.html"
}
}
resource "aws_s3_bucket" "staging" {
bucket = "${var.bucket_name_staging}"
acl = "public-read"
website {
index_document = "index.html"
error_document = "index.html"
}
}
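Review bot: `acl = "public-read"` on both `aws_s3_bucket` resources (production and staging) grants anonymous READ on the bucket itself, which allows anyone to list every key, and it does not by itself make the uploaded objects readable. For a static website the usual shape is to drop the ACL (the default is private) and attach a bucket policy that allows only `s3:GetObject` on the objects, as sketched below for production; staging would get the same. Separately, the README hunk above passes `-var bucket_name=...`, while the variables declared here are `bucket_name_production` and `bucket_name_staging`, so one of the two should be aligned.

```hcl
resource "aws_s3_bucket" "production" {
  bucket = "${var.bucket_name_production}"
  # … unchanged: website block; the acl line is dropped …

resource "aws_s3_bucket_policy" "production_public_read" {
  bucket = "${aws_s3_bucket.production.id}"

  policy = <<POLICY
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "PublicReadGetObject",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:GetObject",
      "Resource": "${aws_s3_bucket.production.arn}/*"
    }
  ]
}
POLICY
}
```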
locals {
s3_origin_id = "S3Origin"
}
data "aws_s3_bucket" "production" {
bucket = "${var.bucket_name_production}"
}
data "aws_s3_bucket" "staging" {
bucket = "${var.bucket_name_staging}"
}
resource "aws_cloudfront_distribution" "s3_distribution_production" {
origin {
domain_name = "${element(split("/","${data.aws_s3_bucket.production.website_endpoint}"),2)}"
origin_id = "${local.s3_origin_id}"
custom_origin_config {
http_port = 80
https_port = 443
origin_protocol_policy = "http-only"
origin_ssl_protocols = ["SSLv3", "TLSv1.1", "TLSv1.2"]
}
}
enabled = true
http_version = "http2"
is_ipv6_enabled = true
comment = "Production ehipster ClondFront"
default_root_object = "index.html"
default_cache_behavior {
allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
compress = true
cached_methods = ["GET", "HEAD"]
target_origin_id = "${local.s3_origin_id}"
forwarded_values {
query_string = true
cookies {
forward = "none"
}
}
viewer_protocol_policy = "redirect-to-https"
min_ttl = 0
default_ttl = 3600
max_ttl = 86400
}
price_class = "PriceClass_All"
restrictions {
geo_restriction {
restriction_type = "none"
}
}
tags = {
Environment = "production"
}
viewer_certificate {
cloudfront_default_certificate = true
}
}
resource "aws_cloudfront_distribution" "s3_distribution_staging" {
origin {
domain_name = "${element(split("/","${data.aws_s3_bucket.staging.website_endpoint}"),2)}"
origin_id = "${local.s3_origin_id}"
custom_origin_config {
http_port = 80
https_port = 443
origin_protocol_policy = "http-only"
origin_ssl_protocols = ["SSLv3", "TLSv1.1", "TLSv1.2"]
}
}
enabled = true
http_version = "http2"
is_ipv6_enabled = true
comment = "Staging ehipster ClondFront"
default_root_object = "index.html"
default_cache_behavior {
allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
compress = true
cached_methods = ["GET", "HEAD"]
target_origin_id = "${local.s3_origin_id}"
forwarded_values {
query_string = true
cookies {
forward = "none"
}
}
viewer_protocol_policy = "redirect-to-https"
min_ttl = 0
default_ttl = 3600
max_ttl = 86400
}
price_class = "PriceClass_All"
restrictions {
geo_restriction {
restriction_type = "none"
}
}
tags = {
Environment = "staging"
}
viewer_certificate {
cloudfront_default_certificate = true
}
}
\ No newline at end of file
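Review bot: `allowed_methods` in `default_cache_behavior` forwards DELETE, PATCH, POST and PUT to an origin that is an S3 website endpoint serving only static reads, in both the production and the staging distribution. Narrowing it to `allowed_methods = ["GET", "HEAD"]` keeps write verbs from ever reaching the origin. `origin_ssl_protocols` also lists `"SSLv3"`; with `origin_protocol_policy = "http-only"` it is never negotiated, but `origin_ssl_protocols = ["TLSv1.2"]` avoids enabling it if the policy is later switched to HTTPS. A comment next to `http-only` saying that S3 website endpoints do not accept HTTPS, so the CloudFront-to-origin leg is plaintext by design, would help the next reader.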