Merge pull request #4 from grupoboticario/hotfix/cache_policy

Hotfix/cache policy
grupoboticario · Apr 28, 2021 · 0f4bce8 · 0f4bce8
2 parents 1eb0900 + 3bfe89e
commit 0f4bce8
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 9 deletions.
diff --git a/site-main/main.tf b/site-main/main.tf
@@ -53,6 +53,7 @@ locals {
   origin_domain_name     = aws_s3_bucket.website_bucket.website_endpoint
   origin_domain_name_oai = aws_s3_bucket.website_bucket.bucket_regional_domain_name
   origin_access_identity = var.enable_oai == true ? [aws_cloudfront_origin_access_identity.origin_access_identity[0].cloudfront_access_identity_path] : []
+  forwarded_values       = [{ query_string = var.forward-query-string, cookies = { forward = "none" } }]
 
   custom_origin_config = var.enable_oai == false ? [{
     origin_protocol_policy = "http-only"
@@ -181,22 +182,25 @@ resource "aws_cloudfront_distribution" "website_cdn" {
       }
     }
 
-    cache_policy_id          = var.enable_cache_policy == true ? "S3-CORS-Caching" : null
-    origin_request_policy_id = var.enable_cache_policy == true ? "Managed-CORS-S3Origin" : null
+    cache_policy_id          = var.enable_cache_policy == true ? var.cache_policy_id : null
+    origin_request_policy_id = var.enable_cache_policy == true ? var.origin_request_policy_id : null
 
-    forwarded_values {
-      query_string = var.forward-query-string
+    dynamic "forwarded_values" {
+      for_each = var.enable_cache_policy == false ? local.forwarded_values : []
 
-      cookies {
-        forward = "none"
+      content {
+        query_string = lookup(local.forwarded_values[0], "query_string", true)
+        cookies {
+          forward = lookup(local.forwarded_values[0].cookies, "forward", "none")
+        }
       }
     }
 
     trusted_signers = var.trusted_signers
 
-    min_ttl          = var.min_ttl
-    default_ttl      = var.default_ttl
-    max_ttl          = var.max_ttl
+    min_ttl          = var.enable_cache_policy == false ? var.min_ttl : null
+    default_ttl      = var.enable_cache_policy == false ? var.default_ttl : null
+    max_ttl          = var.enable_cache_policy == false ? var.max_ttl : null
     target_origin_id = "origin-bucket-${aws_s3_bucket.website_bucket.id}"
 
     // This redirects any HTTP request to HTTPS. Security first!

diff --git a/site-main/variables.tf b/site-main/variables.tf
@@ -128,3 +128,12 @@ variable "cache_policy_min_ttl" {
   default     = "1"
 }
 
+variable "cache_policy_id" {
+  default     = "668305c0-42b0-4b68-8ba7-3c16a9e74a55"
+  description = "Name of cache policy previously created"
+}
+
+variable "origin_request_policy_id" {
+  default     = "88a5eaf4-2fd4-4709-b370-b4c650ea3fcf"
+  description = "Name of origin request policy previously created"
+}