| acm_certificate_arn |
Existing ACM Certificate ARN. |
string |
"" |
no |
| aliases |
List of FQDN's - Used to set the Alternate Domain Names (CNAMEs) setting on Cloudfront. |
list(string) |
[] |
no |
| allowed_methods |
List of allowed methods (e.g. GET, PUT, POST, DELETE, HEAD) for AWS CloudFront. |
list(string) |
[
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT"
] |
no |
| bucket_name |
A unique identifier for the origin. |
string |
"" |
no |
| cached_methods |
List of cached methods (e.g. GET, PUT, POST, DELETE, HEAD). |
list(string) |
[
"GET",
"HEAD"
] |
no |
| cdn_enabled |
Select Enabled if you want to created CloudFront. |
bool |
true |
no |
| comment |
Comment for the origin access identity. |
string |
"Managed by Clouddrove" |
no |
| compress |
Compress content for web requests that include Accept-Encoding: gzip in the request header. |
bool |
false |
no |
| continuous_deployment_policy_id |
Identifier of a continuous deployment policy. This argument should only be set on a production distribution. |
string |
null |
no |
| create_origin_access_control |
Controls if CloudFront origin access control should be created |
bool |
false |
no |
| create_origin_access_identity |
Controls if CloudFront origin access identity should be created |
bool |
false |
no |
| create_vpc_origin |
If enabled, the resource for VPC origin will be created. |
bool |
false |
no |
| custom_domain |
If cdn create with custom Domain. |
bool |
false |
no |
| custom_error_response |
One or more custom error response elements |
any |
{} |
no |
| default_cache_behavior |
The default cache behavior for this distribution |
any |
null |
no |
| default_root_object |
Object that CloudFront return when requests the root URL. |
string |
"index.html" |
no |
| default_ttl |
Default amount of time (in seconds) that an object is in a CloudFront cache. |
number |
60 |
no |
| domain_name |
The DNS domain name of your custom origin (e.g. clouddrove.com). |
string |
"" |
no |
| enabled |
Select Enabled if you want CloudFront to begin processing requests as soon as the distribution is created, or select Disabled if you do not want CloudFront to begin processing requests after the distribution is created. |
bool |
true |
no |
| enabled_bucket |
If cdn create with s3 bucket. |
bool |
false |
no |
| environment |
Environment (e.g. prod, dev, staging). |
string |
"" |
no |
| error_caching_min_ttl |
the value of errro caching min ttl |
string |
"10" |
no |
| error_code |
List of forwarded cookie names. |
string |
"403" |
no |
| forward_cookies |
Time in seconds that browser can cache the response for S3 bucket. |
string |
"none" |
no |
| forward_cookies_whitelisted_names |
List of forwarded cookie names. |
list(any) |
[] |
no |
| forward_header_values |
A list of whitelisted header values to forward to the origin. |
list(string) |
[
"Access-Control-Request-Headers",
"Access-Control-Request-Method",
"Origin"
] |
no |
| forward_query_string |
Forward query strings to the origin that is associated with this cache behavior. |
bool |
false |
no |
| geo_restriction |
The restriction configuration for this distribution (geo_restrictions) |
any |
{} |
no |
| geo_restriction_locations |
List of country codes for which CloudFront either to distribute content (whitelist) or not distribute your content (blacklist). |
list(string) |
[] |
no |
| geo_restriction_type |
Method that use to restrict distribution of your content by country: none, whitelist, or blacklist. |
string |
"none" |
no |
| http_version |
The maximum HTTP version to support on the distribution. Allowed values are http1.1, http2, http2and3, and http3. The default is http2. |
string |
"http2" |
no |
| is_ipv6_enabled |
State of CloudFront IPv6. |
bool |
true |
no |
| label_order |
Label order, e.g. name,application. |
list(any) |
[
"name",
"environment"
] |
no |
| logging_config |
The logging configuration that controls how logs are written to your distribution (maximum one). |
any |
{} |
no |
| managedby |
ManagedBy, eg 'CloudDrove'. |
string |
"hello@clouddrove.com" |
no |
| max_ttl |
Maximum amount of time (in seconds) that an object is in a CloudFront cache. |
number |
31536000 |
no |
| min_ttl |
Minimum amount of time that you want objects to stay in CloudFront caches. |
number |
0 |
no |
| name |
Name (e.g. app or cluster). |
string |
"" |
no |
| ordered_cache_behavior |
An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. |
any |
[] |
no |
| origin |
One or more origins for this distribution (multiples allowed). |
any |
null |
no |
| origin_access_control |
Map of CloudFront origin access control |
map(object({
description = string
origin_type = string
signing_behavior = string
signing_protocol = string
})) |
{
"s3": {
"description": "",
"origin_type": "s3",
"signing_behavior": "always",
"signing_protocol": "sigv4"
}
} |
no |
| origin_access_identities |
Map of CloudFront origin access identities (value as a comment) |
map(string) |
{} |
no |
| origin_group |
One or more origin_group for this distribution (multiples allowed). |
any |
{} |
no |
| origin_http_port |
The HTTP port the custom origin listens on. |
number |
80 |
no |
| origin_https_port |
The HTTPS port the custom origin listens on. |
number |
443 |
no |
| origin_keepalive_timeout |
The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of 60. But you can request an increase. |
number |
60 |
no |
| origin_path |
An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin. It must begin with a /. Do not add a / at the end of the path. |
string |
"" |
no |
| origin_protocol_policy |
The origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer. |
string |
"match-viewer" |
no |
| origin_read_timeout |
The Custom Read timeout, in seconds. By default, AWS enforces a limit of 60. But you can request an increase. |
number |
60 |
no |
| origin_ssl_protocols |
The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. |
list(string) |
[
"TLSv1",
"TLSv1.1",
"TLSv1.2"
] |
no |
| price_class |
Price class for this distribution: PriceClass_All, PriceClass_200, PriceClass_100. |
string |
"PriceClass_100" |
no |
| public_key |
It encoded public key that you want to add to CloudFront to use with features like field-level encryption. |
string |
"" |
no |
| public_key_enable |
Public key enable or disable. |
bool |
false |
no |
| repository |
Terraform current module repo |
string |
"https://github.com/clouddrove/terraform-aws-cloudfront-cdn" |
no |
| response_code |
page not found code |
string |
"404" |
no |
| response_page_path |
The path of the custom error page (for example, /custom_404.html). |
string |
"/index.html" |
no |
| retain_on_delete |
Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards. |
bool |
false |
no |
| smooth_streaming |
Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. |
bool |
false |
no |
| staging |
Whether the distribution is a staging distribution. |
bool |
false |
no |
| trusted_signers |
The AWS accounts, if any, that you want to allow to create signed URLs for private content. |
list(string) |
[] |
no |
| viewer_certificate |
The SSL configuration for this distribution |
any |
{
"cloudfront_default_certificate": true,
"minimum_protocol_version": "TLSv1"
} |
no |
| viewer_protocol_policy |
Allow-all, redirect-to-https. |
string |
"" |
no |
| vpc_origin |
Map of CloudFront VPC origin |
map(object({
name = string
arn = string
http_port = number
https_port = number
origin_protocol_policy = string
origin_ssl_protocols = object({
items = list(string)
quantity = number
})
})) |
{} |
no |
| wait_for_deployment |
If enabled, the resource will wait for the distribution status to change from InProgress to Deployed. Setting this to false will skip the process. |
bool |
true |
no |
| web_acl_id |
Web ACL ID that can be attached to the Cloudfront distribution. |
string |
"" |
no |