Merge pull request #5 from TechHoldingLLC/feat/origin_request_policy

kaustubhposhiya · web-flow · commit f782e37df0e1 · 2024-03-27T14:40:58.000+05:30
Origin Request Policy
diff --git a/README.md b/README.md
@@ -2,13 +2,13 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_aws"></a> [aws](#requirement\_aws) | ~> 4.0.0 |
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 5.0 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_aws"></a> [aws](#provider\_aws) | ~> 4.0.0 |
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 5.0 |
 
 ## Modules
 
@@ -25,7 +25,7 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_acm_arn"></a> [acm\_arn](#input\_acm\_arn) | ACM cert arn | `string` | n/a | no |
+| <a name="input_acm_arn"></a> [acm\_arn](#input\_acm\_arn) | ACM cert arn | `string` | `""` | no |
 | <a name="input_allowed_methods"></a> [allowed\_methods](#input\_allowed\_methods) | Allowed methods | `list(any)` | <pre>[<br>  "GET",<br>  "HEAD"<br>]</pre> | no |
 | <a name="input_cache_policy_id"></a> [cache\_policy\_id](#input\_cache\_policy\_id) | AWS managed cache policy id | `string` | `""` | no |
 | <a name="input_cached_methods"></a> [cached\_methods](#input\_cached\_methods) | Cached methods | `list(any)` | <pre>[<br>  "GET",<br>  "HEAD"<br>]</pre> | no |
@@ -40,13 +40,21 @@ No modules.
 | <a name="input_lambda_function_association"></a> [lambda\_function\_association](#input\_lambda\_function\_association) | Lambda edge association | `list(any)` | `[]` | no |
 | <a name="input_logging_config"></a> [logging\_config](#input\_logging\_config) | Cloudfront logging config | `map(any)` | `{}` | no |
 | <a name="input_origin"></a> [origin](#input\_origin) | Origin configuration | `any` | n/a | yes |
+| <a name="input_origin_request_policy_id"></a> [origin\_request\_policy\_id](#input\_origin\_request\_policy\_id) | Unique identifier of the origin request policy that is attached to the behavior | `string` | `""` | no |
 | <a name="input_route53_zone_id"></a> [route53\_zone\_id](#input\_route53\_zone\_id) | Route53 zone id | `string` | `""` | no |
+| <a name="input_ttl_values"></a> [ttl\_values](#input\_ttl\_values) | map of ttl variables | `map(any)` | `{}` | no |
 | <a name="input_web_acl_id"></a> [web\_acl\_id](#input\_web\_acl\_id) | WAF web ACL id | `string` | `""` | no |
-| <a name="input_ttl_values"></a> [ttl\_values](#input\_ttl\_values) | ttl values | `map` | {} | no |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
-| <a name="output_cloudfront_arn"></a> [cloudfront\_arn](#output\_cloudfront\_arn) | n/a |
-| <a name="output_cloudfront_id"></a> [cloudfront\_id](#output\_cloudfront\_id) | n/a |
+| <a name="output_aliases"></a> [aliases](#output\_aliases) | n/a |
+| <a name="output_arn"></a> [arn](#output\_arn) | n/a |
+| <a name="output_domain_name"></a> [domain\_name](#output\_domain\_name) | n/a |
+| <a name="output_hosted_zone_id"></a> [hosted\_zone\_id](#output\_hosted\_zone\_id) | n/a |
+| <a name="output_id"></a> [id](#output\_id) | n/a |
+
+## License
+
+Apache 2 Licensed. See [LICENSE](https://github.com/TechHoldingLLC/terraform-aws-cloudfront/blob/main/LICENSE) for full details.
diff --git a/cloudfront.tf b/cloudfront.tf
@@ -53,16 +53,17 @@ resource "aws_cloudfront_distribution" "cloudfront" {
   default_root_object = var.default_root_object
 
   default_cache_behavior {
-    allowed_methods  = var.allowed_methods
-    cached_methods   = var.cached_methods
-    target_origin_id = var.origin["origin_id"]
-    cache_policy_id  = var.cache_policy_id
+    allowed_methods          = var.allowed_methods
+    cached_methods           = var.cached_methods
+    target_origin_id         = var.origin["origin_id"]
+    cache_policy_id          = var.cache_policy_id
+    origin_request_policy_id = var.origin_request_policy_id
 
-    viewer_protocol_policy = "redirect-to-https"
+    viewer_protocol_policy = var.viewer_protocol_policy
     compress               = true
-    min_ttl                = lookup(var.ttl_values,"min_ttl",0)
-    max_ttl                = lookup(var.ttl_values,"max_ttl",86400)
-    default_ttl            = lookup(var.ttl_values,"default_ttl",3600)
+    min_ttl                = lookup(var.ttl_values, "min_ttl", 0)
+    max_ttl                = lookup(var.ttl_values, "max_ttl", 86400)
+    default_ttl            = lookup(var.ttl_values, "default_ttl", 3600)
 
     dynamic "forwarded_values" {
       for_each = var.cache_policy_id != "" ? [] : [1]
diff --git a/variables.tf b/variables.tf
@@ -102,4 +102,16 @@ variable "ttl_values" {
   description = "map of ttl variables"
   type        = map(any)
   default     = {}
+}
+
+variable "origin_request_policy_id" {
+  description = "Unique identifier of the origin request policy that is attached to the behavior"
+  type        = string
+  default     = ""
+}
+
+variable "viewer_protocol_policy" {
+  description = "the protocol that users can use to access the files in the origin, valid values are allow-all, https-only, or redirect-to-https."
+  type        = string
+  default     = "redirect-to-https"
 }
