Skip to main content
Version: Next



Terraform module which creates CloudFront resources on AWS



aliasesExtra CNAMEs (alternate domain names), if any, for this distribution.list(string)false
commentAny comments you want to include about the distribution.stringfalse
create_distributionControls if CloudFront distribution should be createdboolfalse
create_monitoring_subscriptionIf enabled, the resource for monitoring subscription will created.boolfalse
create_origin_access_identityControls if CloudFront origin access identity should be createdboolfalse
custom_error_responseOne or more custom error response elementsanyfalse
default_cache_behaviorThe default cache behavior for this distributionanyfalse
default_root_objectThe object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.stringfalse
enabledWhether the distribution is enabled to accept end user requests for content.boolfalse
geo_restrictionThe restriction configuration for this distribution (geo_restrictions)anyfalse
http_versionThe maximum HTTP version to support on the distribution. Allowed values are http1.1 and http2. The default is http2.stringfalse
is_ipv6_enabledWhether the IPv6 is enabled for the distribution.boolfalse
logging_configThe logging configuration that controls how logs are written to your distribution (maximum one).anyfalse
ordered_cache_behaviorAn ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.anyfalse
originOne or more origins for this distribution (multiples allowed).anyfalse
origin_access_identitiesMap of CloudFront origin access identities (value as a comment)map(string)false
origin_groupOne or more origin_group for this distribution (multiples allowed).anyfalse
price_classThe price class for this distribution. One of PriceClass_All, PriceClass_200, PriceClass_100stringfalse
realtime_metrics_subscription_statusA flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are Enabled and Disabled.stringfalse
retain_on_deleteDisables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards.boolfalse
tagsA map of tags to assign to the
viewer_certificateThe SSL configuration for this distributionanyfalse
wait_for_deploymentIf enabled, the resource will wait for the distribution status to change from InProgress to Deployed. Setting this tofalse will skip the process.boolfalse
web_acl_idIf you're using AWS WAF to filter CloudFront requests, the Id of the AWS WAF web ACL that is associated with the distribution. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must have waf:GetWebACL permissions assigned. If using WAFv2, provide the ARN of the web ACL.stringfalse
writeConnectionSecretToRefThe secret which the cloud resource connection will be written towriteConnectionSecretToReffalse


nameThe secret name which the cloud resource connection will be written tostringtrue
namespaceThe secret namespace which the cloud resource connection will be written tostringfalse