Panfactum LogoPanfactum
Infrastructure ModulesSubmodulesAWSaws_s3_public_website
aws_s3_public_website
Beta
Submodule
Source Code Link

Public Files Hosted in S3 Bucket

This module creates an S3 bucket fronted by CloudFront. Files in this bucket will be available at a public URL. The URL for each file is https://{var.domain}/path/to/file/in/bucket.

Under the hood, this module passes most arguments to either

  • aws_cdn (docs); or
  • aws_s3_private_bucket (docs)

so see the documentation for those modules for more information about various input settings.

Providers

The following providers are needed by this module:

  • aws (5.80.0)

  • pf (0.0.5)

  • random (3.6.3)

Required Inputs

The following input variables are required:

bucket_name

Description: The name of the s3 bucket.

Type: string

description

Description: A statement of purpose for the S3 bucket.

Type: string

domain

Description: The domain name to serve content from

Type: string

Optional Inputs

The following input variables are optional (have default values):

cors_additional_allowed_origins

Description: Specifies which origins are allowed besides the domain name specified

Type: list(string)

Default: []

cors_allowed_headers

Description: Specifies which headers are allowed for CORS requests.

Type: list(string)

Default:

[
  "Content-Length"
]

cors_allowed_methods

Description: Specifies which methods are allowed. Can be GET, PUT, POST, DELETE or HEAD.

Type: list(string)

Default:

[
  "GET",
  "HEAD"
]

cors_expose_headers

Description: Specifies expose header in the response.

Type: list(string)

Default: []

cors_max_age_seconds

Description: Time in seconds that the browser can cache the response for a preflight CORS request.

Type: number

Default: 3600

default_cache_behavior

Description: The default configuration for requests that hit the CloudFront distribution.

Type:

object({
    caching_enabled      = optional(bool, true)                                                                 # Whether the CDN should cache responses from the origin (overrides all other caching settings)
    allowed_methods      = optional(list(string), ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"]) # What HTTP methods are allowed
    cached_methods       = optional(list(string), ["GET", "HEAD"])                                              # What HTTP methods will be cached
    min_ttl              = optional(number, 0)                                                                  # Minimum cache time
    default_ttl          = optional(number, 86400)                                                              # Default cache time
    max_ttl              = optional(number, 31536000)                                                           # Maximum cache time
    cookies_in_cache_key = optional(list(string), ["*"])                                                        # Which cookies will be included in the cache key (Providing "*" means ALL cookies)
    headers_in_cache_key = optional(list(string), [                                                             # Which headers will be included in the cache key
      "Authorization",
      "Origin",
      "x-http-method-override",
      "x-http-method",
      "x-method-override",
      "x-forwarded-host",
      "x-host",
      "x-original-url",
      "x-rewrite-url",
      "forwarded"
    ])
    query_strings_in_cache_key = optional(list(string), ["*"])         # Which query strings will be included in the cache key (Providing "*" means ALL query strings)
    compression_enabled        = optional(bool, true)                  # Whether the CDN performs compression on your assets
    viewer_protocol_policy     = optional(string, "redirect-to-https") # What should happen based on the client protocol (HTTP vs HTTPS). One of: allow-all, https-only, redirect-to-https
  })

Default: {}

expire_after_days

Description: Whether objects older than indicated days should be deleted. (0 to disable)

Type: number

Default: 0

expire_old_versions

Description: Whether old object versions should be expired.

Type: bool

Default: true

force_destroy

Description: Whether the bucket can be deleted if objects still exist in it.

Type: bool

Default: false

geo_restriction_list

Description: A list of ISO 3166 country codes for the geographic restriction list (works for both whitelist and blacklist)

Type: list(string)

Default: []

geo_restriction_type

Description: What type of geographic restrictions to you want to apply to CDN clients. Must be one of: none, blacklist, whitelist.

Type: string

Default: "none"

intelligent_transitions_enabled

Description: Whether objects should be subject to intelligent access tiering.

Type: bool

Default: true

logging_cookies_enabled

Description: Whether cookies should be included in the CloudFront request logs

Type: bool

Default: false

logging_enabled

Description: Whether request logging should be enabled for the CloudFront distribution

Type: bool

Default: false

logging_expire_after_days

Description: The number of days after which CloudFront logs will be deleted. (0 to disable)

Type: number

Default: 0

path_match_behaviors

Description: Similar to default_cache_behavior but allows you to specify specific rules for certain path patterns. The keys for this map are the path patterns (e.g., '*.jpg').

Type:

map(object({
    caching_enabled      = optional(bool, true)
    allowed_methods      = optional(list(string), ["DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"])
    cached_methods       = optional(list(string), ["GET", "HEAD"])
    min_ttl              = optional(number, 0)
    default_ttl          = optional(number, 86400)
    max_ttl              = optional(number, 31536000)
    cookies_in_cache_key = optional(list(string), ["*"])
    headers_in_cache_key = optional(list(string), [
      "Authorization",
      "Origin",
      "x-http-method-override",
      "x-http-method",
      "x-method-override",
      "x-forwarded-host",
      "x-host",
      "x-original-url",
      "x-rewrite-url",
      "forwarded"
    ])
    query_strings_in_cache_key = optional(list(string), ["*"])
    compression_enabled        = optional(bool, true)
    viewer_protocol_policy     = optional(string, "redirect-to-https")
  }))

Default: {}

price_class

Description: The price class for the CDN. Must be one of: PriceClass_All, PriceClass_200, PriceClass_100.

Type: string

Default: "PriceClass_100"

timed_transitions_enabled

Description: Whether objects should be transitioned to lower storage tiers after a certain amount of time.

Type: bool

Default: false

versioning_enabled

Description: Whether object versioning is enabled.

Type: bool

Default: false

Outputs

The following outputs are exported:

bucket_arn

Description: n/a

bucket_name

Description: n/a

domain

Description: n/a

Usage

No notes