Cloudfront for api-by-becki
This commit is contained in:
parent
3ac01e0cd0
commit
7a5c17e1ae
63
terraform/cloudfront.tf
Normal file
63
terraform/cloudfront.tf
Normal file
|
@ -0,0 +1,63 @@
|
|||
resource "aws_cloudfront_distribution" "api-by-becki" {
|
||||
origin {
|
||||
domain_name = "abb.gmem.ca"
|
||||
origin_id = "abb.gmem.ca"
|
||||
custom_origin_config {
|
||||
http_port = 80
|
||||
https_port = 443
|
||||
origin_protocol_policy = "https-only"
|
||||
origin_ssl_protocols = ["TLSv1.2"]
|
||||
}
|
||||
}
|
||||
|
||||
default_cache_behavior {
|
||||
allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
|
||||
cached_methods = ["GET", "HEAD"]
|
||||
target_origin_id = "abb.gmem.ca"
|
||||
viewer_protocol_policy = "allow-all"
|
||||
min_ttl = 0
|
||||
default_ttl = 3600
|
||||
max_ttl = 86400
|
||||
|
||||
forwarded_values {
|
||||
query_string = true
|
||||
|
||||
cookies {
|
||||
forward = "all"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
http_version = "http2and3"
|
||||
|
||||
enabled = true
|
||||
is_ipv6_enabled = true
|
||||
|
||||
aliases = ["api-by-becki.gmem.ca"]
|
||||
viewer_certificate {
|
||||
acm_certificate_arn = aws_acm_certificate.api-by-becki.arn
|
||||
ssl_support_method = "sni-only"
|
||||
}
|
||||
|
||||
|
||||
restrictions {
|
||||
geo_restriction {
|
||||
restriction_type = "none"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_acm_certificate" "api-by-becki" {
|
||||
domain_name = "api-by-becki.gmem.ca"
|
||||
validation_method = "DNS"
|
||||
provider = aws.virginia
|
||||
}
|
||||
|
||||
resource "aws_acm_certificate_validation" "api-by-becki" {
|
||||
certificate_arn = aws_acm_certificate.api-by-becki.arn
|
||||
validation_record_fqdns = [
|
||||
aws_route53_record.api-by-becki-primary.fqdn
|
||||
]
|
||||
provider = aws.virginia
|
||||
}
|
|
@ -8,4 +8,33 @@ resource "aws_route53_record" "api-by-becki" {
|
|||
type = "A"
|
||||
ttl = 300
|
||||
records = ["168.119.154.189"]
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_route53_record" "api-by-becki-primary" {
|
||||
zone_id = aws_route53_zone.gmemca.zone_id
|
||||
name = "api-by-becki"
|
||||
type = "A"
|
||||
|
||||
alias {
|
||||
name = "${aws_cloudfront_distribution.api-by-becki.domain_name}"
|
||||
zone_id = "${aws_cloudfront_distribution.api-by-becki.hosted_zone_id}"
|
||||
evaluate_target_health = false
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_route53_record" "api-by-becki-acm" {
|
||||
for_each = {
|
||||
for dvo in aws_acm_certificate.api-by-becki.domain_validation_options : dvo.domain_name => {
|
||||
name = dvo.resource_record_name
|
||||
record = dvo.resource_record_value
|
||||
type = dvo.resource_record_type
|
||||
}
|
||||
}
|
||||
|
||||
allow_overwrite = true
|
||||
name = each.value.name
|
||||
records = [each.value.record]
|
||||
ttl = 60
|
||||
type = each.value.type
|
||||
zone_id = aws_route53_zone.gmemca.zone_id
|
||||
}
|
||||
|
|
|
@ -1,12 +1,12 @@
|
|||
terraform {
|
||||
required_providers {
|
||||
vercel = {
|
||||
source = "vercel/vercel"
|
||||
source = "vercel/vercel"
|
||||
version = "~> 0.3"
|
||||
}
|
||||
aws = {
|
||||
source = "hashicorp/aws"
|
||||
version = "4.28.0"
|
||||
source = "hashicorp/aws"
|
||||
version = "4.28.0"
|
||||
}
|
||||
}
|
||||
backend "s3" {
|
||||
|
@ -15,3 +15,8 @@ terraform {
|
|||
region = "eu-west-2"
|
||||
}
|
||||
}
|
||||
|
||||
provider "aws" {
|
||||
alias = "virginia"
|
||||
region = "us-east-1"
|
||||
}
|
|
@ -32,6 +32,8 @@ spec:
|
|||
- name: API_COUCH_DATABASE
|
||||
value: art-by-becki
|
||||
resources:
|
||||
requests:
|
||||
cpu: "1m"
|
||||
limits:
|
||||
memory: "128Mi"
|
||||
cpu: "500m"
|
||||
|
|
Loading…
Reference in a new issue