Initial commit

Author: stlln

.gitignore

@@ -0,0 +1,2 @@
+.terraform
+.idea

.terraform.docs.yml

@@ -0,0 +1,7 @@
+version: ">= 0.13.0, < 1.0.0"
+formatter: "markdown table"
+output:
+  file: README.md
+  mode: replace
+header-from: "docs/.header.md"
+footer-from: "docs/.footer.md"

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2022 SmartAssist Tech Private Limited
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

README.md

@@ -0,0 +1,61 @@
+<!-- BEGIN_TF_DOCS -->
+# AWS Static Website Terraform Module
+
+## What does it do?
+
+Creates a static website with all the necessary dependencies:
+
+- S3 Bucket
+- S3 Bucket Website Configuration
+- IAM user with deploy permissions
+- Validated ACM cert (in us-east-1)
+- CloudFront distribution
+- DNS record for domain name
+
+**Currently, only supports Cloudflare for DNS records**
+
+## Requirements
+
+| Name | Version |
+|------|---------|
+| <a name="requirement_aws"></a> [aws](#requirement\_aws) | >= 4.15, < 5.0 |
+| <a name="requirement_cloudflare"></a> [cloudflare](#requirement\_cloudflare) | >= 3.15, < 4.0 |
+
+## Providers
+
+| Name | Version |
+|------|---------|
+| <a name="provider_aws"></a> [aws](#provider\_aws) | >= 4.15, < 5.0 |
+| <a name="provider_cloudflare"></a> [cloudflare](#provider\_cloudflare) | >= 3.15, < 4.0 |
+
+## Modules
+
+| Name | Source | Version |
+|------|--------|---------|
+| <a name="module_certificate"></a> [certificate](#module\_certificate) | smartassistco/cloudflare-validated-acm/aws | n/a |
+| <a name="module_s3website"></a> [s3website](#module\_s3website) | smartassistco/s3website/aws | n/a |
+
+## Resources
+
+| Name | Type |
+|------|------|
+| [aws_cloudfront_distribution.cloudfront_distribution](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |
+| [cloudflare_record.dns_record](https://registry.terraform.io/providers/cloudflare/cloudflare/latest/docs/resources/record) | resource |
+
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| <a name="input_cloudflare_zone_id"></a> [cloudflare\_zone\_id](#input\_cloudflare\_zone\_id) | The Zone ID for the DNS provider | `string` | n/a | yes |
+| <a name="input_domain_name"></a> [domain\_name](#input\_domain\_name) | The domain name for the website, e.g. demo.example.com | `string` | n/a | yes |
+| <a name="input_error_file"></a> [error\_file](#input\_error\_file) | The name of the error file in the S3 bucket | `string` | `"404.html"` | no |
+| <a name="input_index_file"></a> [index\_file](#input\_index\_file) | The name of the error file in the S3 bucket | `string` | `"index.html"` | no |
+| <a name="input_project_name"></a> [project\_name](#input\_project\_name) | The name of the project, which will be used to create the S3 bucket and deploy user. e.g. demo-website | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| <a name="output_deploy_bucket"></a> [deploy\_bucket](#output\_deploy\_bucket) | The S3 bucket to deploy the website files |
+| <a name="output_deploy_user_creds"></a> [deploy\_user\_creds](#output\_deploy\_user\_creds) | The AWS credentials for the deploy user |
+<!-- END_TF_DOCS -->

docs/.footer.md

@@ -0,0 +1,14 @@
+# AWS Static Website Terraform Module
+
+## What does it do?
+
+Creates a static website with all the necessary dependencies:
+
+- S3 Bucket
+- S3 Bucket Website Configuration
+- IAM user with deploy permissions
+- Validated ACM cert (in us-east-1)
+- CloudFront distribution
+- DNS record for domain name
+
+**Currently, only supports Cloudflare for DNS records**

docs/.header.md

@@ -0,0 +1,3 @@
+# AWS Static Website
+
+Standard configuration

examples/complete/README.md

@@ -0,0 +1,12 @@
+module "sample_website" {
+  source = "smartassistco/staticwebsite/aws"
+
+  project_name       = "sample-website"
+  domain_name        = "testing.example.com"
+  cloudflare_zone_id = "xxxxxxxxxxxxxxxxxx"
+
+  providers = {
+    aws.bucket-region = aws,
+    aws.us-east-1     = aws.useast1
+  }
+}

examples/complete/main.tf

@@ -0,0 +1,7 @@
+output "sample_website_deploy_info" {
+  value = {
+    bucket = module.sample_website.deploy_bucket,
+    creds  = module.sample_website.deploy_user_creds
+  }
+  sensitive = true
+}

examples/complete/outputs.tf

@@ -0,0 +1,9 @@
+provider "aws" {
+  region = "eu-west-1"
+}
+
+provider "aws" {
+  alias = "useast1"
+
+  region = "us-east-1"
+}

examples/complete/provider_aws.tf

@@ -0,0 +1,13 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.15, < 5.0"
+    }
+
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = ">= 3.15, < 4.0"
+    }
+  }
+}

examples/complete/variables.tf

@@ -0,0 +1,11 @@
+# Certificate
+module "certificate" {
+  source = "smartassistco/cloudflare-validated-acm/aws"
+
+  cloudflare_zone_id = var.cloudflare_zone_id
+  domain_name        = var.domain_name
+
+  providers = {
+    aws = aws.us-east-1
+  }
+}

examples/complete/versions.tf

@@ -0,0 +1,53 @@
+# CloudFront Distribution
+resource "aws_cloudfront_distribution" "cloudfront_distribution" {
+  enabled         = true
+  is_ipv6_enabled = true
+
+  viewer_certificate {
+    cloudfront_default_certificate = false
+    acm_certificate_arn            = module.certificate.validated_certificate.certificate_arn
+    minimum_protocol_version       = "TLSv1.2_2021"
+    ssl_support_method             = "sni-only"
+  }
+
+  aliases = [var.domain_name]
+
+  restrictions {
+    geo_restriction {
+      restriction_type = "none"
+    }
+  }
+
+  origin {
+    domain_name = module.s3website.website_endpoint
+    origin_id   = "S3StaticWebsiteOrigin"
+
+    custom_origin_config {
+      origin_protocol_policy = "http-only"
+      http_port              = 80
+      https_port             = 443
+      origin_ssl_protocols   = ["TLSv1.2"]
+    }
+  }
+
+  default_cache_behavior {
+    target_origin_id       = "S3StaticWebsiteOrigin"
+    compress               = true
+    viewer_protocol_policy = "redirect-to-https"
+
+    allowed_methods = ["GET", "HEAD"]
+    cached_methods  = ["GET", "HEAD"]
+
+    min_ttl     = 0
+    default_ttl = 600
+    max_ttl     = 600
+
+    forwarded_values {
+      query_string = false
+
+      cookies {
+        forward = "none"
+      }
+    }
+  }
+}

main-acm.tf

@@ -0,0 +1,12 @@
+locals {
+  root_domain = join(".", reverse(slice(reverse(split(".", var.domain_name)), 0, 2)))
+  record_name = var.domain_name == local.root_domain ? var.domain_name : replace(var.domain_name, ".${local.root_domain}", "")
+}
+
+resource "cloudflare_record" "dns_record" {
+  zone_id = var.cloudflare_zone_id
+  name    = local.record_name
+  value   = aws_cloudfront_distribution.cloudfront_distribution.domain_name
+  type    = "CNAME"
+  proxied = false
+}

main-cdn.tf

@@ -0,0 +1,11 @@
+module "s3website" {
+  source = "smartassistco/s3website/aws"
+
+  project_name = var.project_name
+  index_file   = var.index_file
+  error_file   = var.error_file
+
+  providers = {
+    aws = aws.bucket-region
+  }
+}

main-cname.tf

@@ -0,0 +1,10 @@
+output "deploy_bucket" {
+  description = "The S3 bucket to deploy the website files"
+  value       = module.s3website.deploy_bucket
+}
+
+output "deploy_user_creds" {
+  description = "The AWS credentials for the deploy user"
+  value       = module.s3website.deploy_user_creds
+  sensitive   = true
+}

main-s3website.tf

@@ -0,0 +1,15 @@
+terraform {
+  required_providers {
+    aws = {
+      source  = "hashicorp/aws"
+      version = ">= 4.15, < 5.0"
+
+      configuration_aliases = [aws.bucket-region, aws.us-east-1]
+    }
+
+    cloudflare = {
+      source  = "cloudflare/cloudflare"
+      version = ">= 3.15, < 4.0"
+    }
+  }
+}

outputs.tf

@@ -0,0 +1,26 @@
+variable "project_name" {
+  description = "The name of the project, which will be used to create the S3 bucket and deploy user. e.g. demo-website"
+  type        = string
+}
+
+variable "index_file" {
+  description = "The name of the error file in the S3 bucket"
+  type        = string
+  default     = "index.html"
+}
+
+variable "error_file" {
+  description = "The name of the error file in the S3 bucket"
+  type        = string
+  default     = "404.html"
+}
+
+variable "domain_name" {
+  description = "The domain name for the website, e.g. demo.example.com"
+  type        = string
+}
+
+variable "cloudflare_zone_id" {
+  description = "The Zone ID for the DNS provider"
+  type        = string
+}