52 lines
1.4 KiB
HCL
52 lines
1.4 KiB
HCL
resource "aws_cloudfront_distribution" "api-by-becki" {
|
|
origin {
|
|
domain_name = "abb.gmem.ca"
|
|
origin_id = "abb.gmem.ca"
|
|
custom_origin_config {
|
|
http_port = 80
|
|
https_port = 443
|
|
origin_protocol_policy = "https-only"
|
|
origin_ssl_protocols = ["TLSv1.2"]
|
|
}
|
|
}
|
|
|
|
default_cache_behavior {
|
|
allowed_methods = ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]
|
|
cached_methods = ["GET", "HEAD"]
|
|
target_origin_id = "abb.gmem.ca"
|
|
viewer_protocol_policy = "redirect-to-https"
|
|
cache_policy_id = "658327ea-f89d-4fab-a63d-7e88639e58f6"
|
|
response_headers_policy_id = "eaab4381-ed33-4a86-88ca-d9558dc6cd63"
|
|
}
|
|
|
|
|
|
http_version = "http2and3"
|
|
|
|
enabled = true
|
|
is_ipv6_enabled = true
|
|
|
|
aliases = ["api-by-becki.gmem.ca"]
|
|
viewer_certificate {
|
|
acm_certificate_arn = aws_acm_certificate.api-by-becki.arn
|
|
ssl_support_method = "sni-only"
|
|
}
|
|
|
|
|
|
restrictions {
|
|
geo_restriction {
|
|
restriction_type = "none"
|
|
}
|
|
}
|
|
}
|
|
|
|
resource "aws_acm_certificate" "api-by-becki" {
|
|
domain_name = "api-by-becki.gmem.ca"
|
|
validation_method = "DNS"
|
|
provider = aws.virginia
|
|
}
|
|
|
|
resource "aws_acm_certificate_validation" "api-by-becki" {
|
|
certificate_arn = aws_acm_certificate.api-by-becki.arn
|
|
validation_record_fqdns = [for record in aws_route53_record.api-by-becki-acm : record.fqdn]
|
|
provider = aws.virginia
|
|
} |