You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
fix: Define all the defaults in the variables.tf file (#149)
* fix: Define all the defaults in the variables.tf file
* fix: Update an example to ensure optional defaults get applied
* docs: Re-generate Markdown files
* fix: Add missing `forward_cookies_whitelisted_names` field
When `forward_cookies` is set to `whitelist` it should be possible to
define which cookies are forwarded to the origin
* docs: Update Markdown files
* docs: Remove redundant new lines added to the README.md file
* fix: Update incorrect allowed_methods param in one of the examples
* fix: Zero whitelisted cookie names unless user used `forward = "whitelist"` setting
* fix: Use null for shield region
Since shield is disabled by default, the region field should fallback to
null
---------
Co-authored-by: yangci <[email protected]>
Copy file name to clipboardExpand all lines: README.md
+4-4Lines changed: 4 additions & 4 deletions
Original file line number
Diff line number
Diff line change
@@ -149,7 +149,7 @@ Available targets:
149
149
| <aname="input_comment"></a> [comment](#input\_comment)| Comment for the origin access identity |`string`|`"Managed by Terraform"`| no |
150
150
| <aname="input_compress"></a> [compress](#input\_compress)| Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false) |`bool`|`false`| no |
151
151
| <aname="input_context"></a> [context](#input\_context)| Single object for setting entire context at once.<br/>See description of individual variables for details.<br/>Leave string and numeric variables as `null` to use default value.<br/>Individual variable settings (non-null) override settings in context object,<br/>except for attributes, tags, and additional\_tag\_map, which are merged. |`any`| <pre>{<br/> "additional_tag_map": {},<br/> "attributes": [],<br/> "delimiter": null,<br/> "descriptor_formats": {},<br/> "enabled": true,<br/> "environment": null,<br/> "id_length_limit": null,<br/> "label_key_case": null,<br/> "label_order": [],<br/> "label_value_case": null,<br/> "labels_as_tags": [<br/> "unset"<br/> ],<br/> "name": null,<br/> "namespace": null,<br/> "regex_replace_chars": null,<br/> "stage": null,<br/> "tags": {},<br/> "tenant": null<br/>}</pre> | no |
152
-
| <aname="input_custom_error_response"></a> [custom\_error\_response](#input\_custom\_error\_response)| List of one or more custom error response element maps | <pre>list(object({<br/> error_caching_min_ttl = string<br/> error_code = string<br/> response_code = string<br/> response_page_path = string<br/> }))</pre> |`[]`| no |
152
+
| <aname="input_custom_error_response"></a> [custom\_error\_response](#input\_custom\_error\_response)| List of one or more custom error response element maps | <pre>list(object({<br/> error_caching_min_ttl = optional(string, null)<br/> error_code = string<br/> response_code = optional(string, null)<br/> response_page_path = optional(string, null)<br/> }))</pre> |`[]`| no |
153
153
| <aname="input_custom_header"></a> [custom\_header](#input\_custom\_header)| List of one or more custom headers passed to the origin | <pre>list(object({<br/> name = string<br/> value = string<br/> }))</pre> |`[]`| no |
154
154
| <a name="input_custom_origins"></a> [custom\_origins](#input\_custom\_origins) | One or more custom origins for this distribution (multiples allowed). See documentation for configuration options description https://www.terraform.io/docs/providers/aws/r/cloudfront_distribution.html#origin-arguments | <pre>list(object({<br/> domain_name = string<br/> origin_id = string<br/> origin_path = optional(string, "")<br/> origin_access_control_id = optional(string, null)<br/> custom_headers = optional(list(object({<br/> name = string<br/> value = string<br/> })), [])<br/> custom_origin_config = optional(object({<br/> http_port = optional(number, 80)<br/> https_port = optional(number, 443)<br/> origin_protocol_policy = optional(string, "match-viewer")<br/> origin_ssl_protocols = optional(list(string), ["TLSv1", "TLSv1.1", "TLSv1.2"])<br/> origin_keepalive_timeout = optional(number, 5)<br/> origin_read_timeout = optional(number, 30)<br/> }), null)<br/> s3_origin_config = optional(object({<br/> origin_access_identity = string<br/> }), null)<br/> origin_shield = optional(object({<br/> enabled = optional(bool, false)<br/> region = optional(string, "")<br/> }), null)<br/> }))</pre> | `[]` | no |
155
155
| <aname="input_default_root_object"></a> [default\_root\_object](#input\_default\_root\_object)| Object that CloudFront return when requests the root URL |`string`|`"index.html"`| no |
@@ -175,7 +175,7 @@ Available targets:
175
175
| <aname="input_label_order"></a> [label\_order](#input\_label\_order)| The order in which the labels (ID elements) appear in the `id`.<br/>Defaults to ["namespace", "environment", "stage", "name", "attributes"].<br/>You can omit any of the 6 labels ("tenant" is the 6th), but at least one must be present. |`list(string)`|`null`| no |
176
176
| <aname="input_label_value_case"></a> [label\_value\_case](#input\_label\_value\_case)| Controls the letter case of ID elements (labels) as included in `id`,<br/>set as tag values, and output by this module individually.<br/>Does not affect values of tags passed in via the `tags` input.<br/>Possible values: `lower`, `title`, `upper` and `none` (no transformation).<br/>Set this to `title` and set `delimiter` to `""` to yield Pascal Case IDs.<br/>Default value: `lower`. |`string`|`null`| no |
177
177
| <aname="input_labels_as_tags"></a> [labels\_as\_tags](#input\_labels\_as\_tags)| Set of labels (ID elements) to include as tags in the `tags` output.<br/>Default is to include all labels.<br/>Tags with empty values will not be included in the `tags` output.<br/>Set to `[]` to suppress all generated tags.<br/>**Notes:**<br/> The value of the `name` tag, if included, will be the `id`, not the `name`.<br/> Unlike other `null-label` inputs, the initial setting of `labels_as_tags` cannot be<br/> changed in later chained modules. Attempts to change it will be silently ignored. |`set(string)`| <pre>[<br/> "default"<br/>]</pre> | no |
178
-
| <aname="input_lambda_function_association"></a> [lambda\_function\_association](#input\_lambda\_function\_association)| A config block that triggers a Lambda@Edge function with specific actions | <pre>list(object({<br/> event_type = string<br/> include_body = bool<br/> lambda_arn = string<br/> }))</pre> |`[]`| no |
178
+
| <aname="input_lambda_function_association"></a> [lambda\_function\_association](#input\_lambda\_function\_association)| A config block that triggers a Lambda@Edge function with specific actions | <pre>list(object({<br/> event_type = string<br/> include_body = optional(bool, false)<br/> lambda_arn = string<br/> }))</pre> |`[]`| no |
179
179
| <aname="input_log_bucket_fqdn"></a> [log\_bucket\_fqdn](#input\_log\_bucket\_fqdn)| Optional fqdn of logging bucket, if not supplied a bucket will be generated. |`string`|`""`| no |
180
180
| <aname="input_log_expiration_days"></a> [log\_expiration\_days](#input\_log\_expiration\_days)| Number of days after which to expunge the objects |`number`|`90`| no |
181
181
| <aname="input_log_force_destroy"></a> [log\_force\_destroy](#input\_log\_force\_destroy)| Applies to log bucket created by this module only. If true, all objects will be deleted from the bucket on destroy, so that the bucket can be destroyed without error. These objects are not recoverable. |`bool`|`false`| no |
@@ -188,7 +188,7 @@ Available targets:
188
188
| <aname="input_min_ttl"></a> [min\_ttl](#input\_min\_ttl)| Minimum amount of time that you want objects to stay in CloudFront caches |`number`|`0`| no |
189
189
| <aname="input_name"></a> [name](#input\_name)| ID element. Usually the component or solution name, e.g. 'app' or 'jenkins'.<br/>This is the only ID element not also included as a `tag`.<br/>The "name" tag is set to the full `id` string. There is no tag with the value of the `name` input. |`string`|`null`| no |
190
190
| <aname="input_namespace"></a> [namespace](#input\_namespace)| ID element. Usually an abbreviation of your organization name, e.g. 'eg' or 'cp', to help ensure generated IDs are globally unique |`string`|`null`| no |
191
-
| <a name="input_ordered_cache"></a> [ordered\_cache](#input\_ordered\_cache) | An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.<br/>The fields can be described by the other variables in this file. For example, the field 'lambda\_function\_association' in this object has<br/>a description in var.lambda\_function\_association variable earlier in this file. The only difference is that fields on this object are in ordered caches, whereas the rest<br/>of the vars in this file apply only to the default cache. Put value `""` on field `target_origin_id` to specify default s3 bucket origin. | <pre>list(object({<br/> target_origin_id = string<br/> path_pattern = string<br/><br/> allowed_methods = optional(list(string), ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"])<br/> cached_methods = optional(list(string), ["GET", "HEAD"])<br/> cache_policy_id = optional(string, null)<br/> origin_request_policy_id = optional(string, null)<br/> compress = optional(bool, false)<br/><br/> viewer_protocol_policy = optional(string, "redirect-to-https")<br/> min_ttl = optional(number, 0)<br/> default_ttl = optional(number, 60)<br/> max_ttl = optional(number, 31536000)<br/><br/> forward_query_string = optional(bool, false)<br/> forward_header_values = optional(list(string), [])<br/> forward_cookies = optional(string, "none")<br/><br/> response_headers_policy_id = optional(string, "")<br/><br/> grpc_config = optional(object({<br/> enabled = bool<br/> }), { enabled = false })<br/><br/> lambda_function_association = optional(list(object({<br/> event_type = string<br/> include_body = bool<br/> lambda_arn = string<br/> })), [])<br/><br/> function_association = optional(list(object({<br/> event_type = string<br/> function_arn = string<br/> })), [])<br/> }))</pre> | `[]` | no |
191
+
| <a name="input_ordered_cache"></a> [ordered\_cache](#input\_ordered\_cache) | An ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.<br/>The fields can be described by the other variables in this file. For example, the field 'lambda\_function\_association' in this object has<br/>a description in var.lambda\_function\_association variable earlier in this file. The only difference is that fields on this object are in ordered caches, whereas the rest<br/>of the vars in this file apply only to the default cache. Put value `""` on field `target_origin_id` to specify default s3 bucket origin. | <pre>list(object({<br/> target_origin_id = string<br/> path_pattern = string<br/><br/> allowed_methods = optional(list(string), ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"])<br/> cached_methods = optional(list(string), ["GET", "HEAD"])<br/> cache_policy_id = optional(string, null)<br/> origin_request_policy_id = optional(string, null)<br/> compress = optional(bool, false)<br/><br/> viewer_protocol_policy = optional(string, "redirect-to-https")<br/> min_ttl = optional(number, 0)<br/> default_ttl = optional(number, 60)<br/> max_ttl = optional(number, 31536000)<br/><br/> forward_query_string = optional(bool, false)<br/> forward_header_values = optional(list(string), [])<br/> forward_cookies = optional(string, "none")<br/> forward_cookies_whitelisted_names = optional(list(string), [])<br/><br/> response_headers_policy_id = optional(string, "")<br/><br/> grpc_config = optional(object({<br/> enabled = bool<br/> }), { enabled = false })<br/><br/> lambda_function_association = optional(list(object({<br/> event_type = string<br/> include_body = optional(bool, false)<br/> lambda_arn = string<br/> })), [])<br/><br/> function_association = optional(list(object({<br/> event_type = string<br/> function_arn = string<br/> })), [])<br/> }))</pre> | `[]` | no |
192
192
| <aname="input_origin_access_control_id"></a> [origin\_access\_control\_id](#input\_origin\_access\_control\_id)| CloudFront provides two ways to send authenticated requests to an Amazon S3 origin: origin access control (OAC) and origin access identity (OAI). OAC helps you secure your origins, such as for Amazon S3. |`string`|`null`| no |
193
193
| <aname="input_origin_access_identity_enabled"></a> [origin\_access\_identity\_enabled](#input\_origin\_access\_identity\_enabled)| When true, creates origin access identity resource |`bool`|`true`| no |
194
194
| <aname="input_origin_domain_name"></a> [origin\_domain\_name](#input\_origin\_domain\_name)| The DNS domain name of your custom origin (e.g. website) |`string`|`""`| no |
@@ -199,7 +199,7 @@ Available targets:
199
199
| <aname="input_origin_protocol_policy"></a> [origin\_protocol\_policy](#input\_origin\_protocol\_policy)| The origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer |`string`|`"match-viewer"`| no |
200
200
| <aname="input_origin_read_timeout"></a> [origin\_read\_timeout](#input\_origin\_read\_timeout)| The Custom Read timeout, in seconds. By default, AWS enforces a limit of 60. But you can request an increase. |`number`|`30`| no |
201
201
| <aname="input_origin_request_policy_id"></a> [origin\_request\_policy\_id](#input\_origin\_request\_policy\_id)| ID of the origin request policy attached to the cache behavior |`string`|`null`| no |
202
-
| <aname="input_origin_shield"></a> [origin\_shield](#input\_origin\_shield)| The CloudFront Origin Shield settings | <pre>object({<br/> enabled = bool<br/> region = string<br/> })</pre> |`null`| no |
202
+
| <aname="input_origin_shield"></a> [origin\_shield](#input\_origin\_shield)| The CloudFront Origin Shield settings | <pre>object({<br/> enabled = optional(bool, false)<br/> region = optional(string, "")<br/> })</pre> |`null`| no |
203
203
| <aname="input_origin_ssl_protocols"></a> [origin\_ssl\_protocols](#input\_origin\_ssl\_protocols)| The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS |`list(string)`| <pre>[<br/> "TLSv1",<br/> "TLSv1.1",<br/> "TLSv1.2"<br/>]</pre> | no |
204
204
| <aname="input_origin_type"></a> [origin\_type](#input\_origin\_type)| The type of origin configuration to use. Valid values are 'custom' or 's3'. |`string`|`"custom"`| no |
205
205
| <aname="input_parent_zone_id"></a> [parent\_zone\_id](#input\_parent\_zone\_id)| ID of the hosted zone to contain this record (or specify `parent_zone_name`) |`string`|`""`| no |
0 commit comments