Skip to content

Commit

Permalink
fix(DMVP-5400): Add response header policy
Browse files Browse the repository at this point in the history
  • Loading branch information
Julieta Aghamyan committed Oct 7, 2024
1 parent 4fb3382 commit f90eff7
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 10 deletions.
3 changes: 1 addition & 2 deletions modules/cloudfront/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -172,7 +172,7 @@ module "cloudfront" {
| <a name="input_connection_attempts"></a> [connection\_attempts](#input\_connection\_attempts) | The number of times that CloudFront attempts to connect to the origin. | `number` | `3` | no |
| <a name="input_connection_timeout"></a> [connection\_timeout](#input\_connection\_timeout) | The number of seconds that CloudFront waits when trying to establish a connection to the origin. | `number` | `10` | no |
| <a name="input_create_lambda_security_headers"></a> [create\_lambda\_security\_headers](#input\_create\_lambda\_security\_headers) | Whether to create and attach a labda function to the distribution or not. | `bool` | `false` | no |
| <a name="input_create_response_headers_policy"></a> [create\_response\_headers\_policy](#input\_create\_response\_headers\_policy) | n/a | <pre>object({<br> enabled = optional(bool, false)<br> name = optional(string, "custome_response_headers")<br> security_headers = object({<br> frame_options = optional(string)<br> })<br> })</pre> | <pre>{<br> "enabled": false,<br> "name": "custome_response_headers",<br> "security_headers": {}<br>}</pre> | no |
| <a name="input_create_response_headers_policy"></a> [create\_response\_headers\_policy](#input\_create\_response\_headers\_policy) | Create cloudfront custom header policy | <pre>object({<br> enabled = optional(bool, false)<br> name = optional(string, "custom_response_headers")<br> security_headers = object({<br> frame_options = optional(string)<br> })<br> })</pre> | <pre>{<br> "enabled": false,<br> "name": "custom_response_headers",<br> "security_headers": {}<br>}</pre> | no |
| <a name="input_custom_origin_config"></a> [custom\_origin\_config](#input\_custom\_origin\_config) | n/a | `map` | <pre>{<br> "http_port": 80,<br> "https_port": 443,<br> "origin_keepalive_timeout": 5,<br> "origin_protocol_policy": "http-only",<br> "origin_read_timeout": 30,<br> "origin_ssl_protocols": [<br> "TLSv1",<br> "TLSv1.1",<br> "TLSv1.2"<br> ]<br>}</pre> | no |
| <a name="input_default_allowed_methods"></a> [default\_allowed\_methods](#input\_default\_allowed\_methods) | Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. | `list(string)` | <pre>[<br> "DELETE",<br> "GET",<br> "HEAD",<br> "OPTIONS",<br> "PATCH",<br> "POST",<br> "PUT"<br>]</pre> | no |
| <a name="input_default_cached_methods"></a> [default\_cached\_methods](#input\_default\_cached\_methods) | Controls whether CloudFront caches the response to requests using the specified HTTP methods. | `list(string)` | <pre>[<br> "GET",<br> "HEAD"<br>]</pre> | no |
Expand Down Expand Up @@ -208,7 +208,6 @@ module "cloudfront" {
| <a name="input_origin_ssl_protocols"></a> [origin\_ssl\_protocols](#input\_origin\_ssl\_protocols) | The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. | `list(string)` | <pre>[<br> "TLSv1",<br> "TLSv1.1",<br> "TLSv1.2"<br>]</pre> | no |
| <a name="input_origins"></a> [origins](#input\_origins) | Targets, types and custom\_origin\_config block are needed to create new origins. | `list(any)` | n/a | yes |
| <a name="input_price_class"></a> [price\_class](#input\_price\_class) | The price class for this distribution. | `string` | `"PriceClass_All"` | no |
| <a name="input_response_headers_policy_id"></a> [response\_headers\_policy\_id](#input\_response\_headers\_policy\_id) | Identifier for a response headers policy. | `string` | `null` | no |
| <a name="input_restriction_type"></a> [restriction\_type](#input\_restriction\_type) | The method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist. | `string` | `"none"` | no |
| <a name="input_retain_on_delete"></a> [retain\_on\_delete](#input\_retain\_on\_delete) | Disables the distribution instead of deleting it when destroying the resource through Terraform. | `bool` | `false` | no |
| <a name="input_tags_name"></a> [tags\_name](#input\_tags\_name) | n/a | `string` | `"terraform testing"` | no |
Expand Down
11 changes: 3 additions & 8 deletions modules/cloudfront/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -55,12 +55,6 @@ variable "cache_policy_id" {
description = "Unique identifier of the cache policy that is attached to the cache behavior"
}

variable "response_headers_policy_id" {
type = string
default = null
description = "Identifier for a response headers policy."
}

variable "targets" {
default = []
description = "Targets and patterns needed to create new behaviours."
Expand Down Expand Up @@ -306,14 +300,15 @@ variable "logging_config" {
variable "create_response_headers_policy" {
type = object({
enabled = optional(bool, false)
name = optional(string, "custome_response_headers")
name = optional(string, "custom_response_headers")
security_headers = object({
frame_options = optional(string)
})
})
default = {
enabled = false
name = "custome_response_headers"
name = "custom_response_headers"
security_headers = {}
}
description = "Create cloudfront custom header policy"
}

0 comments on commit f90eff7

Please sign in to comment.