Merge pull request #3 from grupoboticario/feature/cache_policy

Feature/cache policy
grupoboticario · Mar 26, 2021 · 559083f · 559083f
2 parents 73fe0d4 + 2d5849f
commit 559083f
Show file tree

Hide file tree

Showing 2 changed files with 75 additions and 0 deletions.
diff --git a/site-main/main.tf b/site-main/main.tf
@@ -181,6 +181,9 @@ resource "aws_cloudfront_distribution" "website_cdn" {
       }
     }
 
+    cache_policy_id          = var.enable_cache_policy == true ? aws_cloudfront_cache_policy.main[0].id : null
+    origin_request_policy_id = var.enable_cache_policy == true ? aws_cloudfront_origin_request_policy.main[0].id : null
+
     forwarded_values {
       query_string = var.forward-query-string
 
@@ -226,3 +229,55 @@ resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
   count   = var.enable_oai == true ? 1 : 0
   comment = "Create OAI to use in CF"
 }
+
+################################################################################################################
+## Cache Policy
+################################################################################################################
+
+resource "aws_cloudfront_cache_policy" "main" {
+  count = var.enable_cache_policy == true ? 1 : 0
+
+  name        = "behavior-s3-cors-Cache"
+  default_ttl = var.cache_policy_default_ttl
+  max_ttl     = var.cache_policy_max_ttl
+  min_ttl     = var.cache_policy_min_ttl
+
+  parameters_in_cache_key_and_forwarded_to_origin {
+    headers_config {
+      header_behavior = "whitelist"
+      headers {
+        items = ["origin"]
+      }
+    }
+    cookies_config {
+      cookie_behavior = "none"
+    }
+    query_strings_config {
+      query_string_behavior = "all"
+    }
+  }
+}
+
+################################################################################################################
+## Origin Request Policy
+################################################################################################################
+
+resource "aws_cloudfront_origin_request_policy" "main" {
+  count = var.enable_cache_policy == true ? 1 : 0
+
+  name    = "behavior-managed-cors-s3-origin"
+  comment = "Policy for S3 origin with CORS"
+
+  headers_config {
+    header_behavior = "whitelist"
+    headers {
+      items = ["origin", "access-control-request-headers", "access-control-request-method"]
+    }
+  }
+  cookies_config {
+    cookie_behavior = "none"
+  }
+  query_strings_config {
+    query_string_behavior = "none"
+  }
+}
diff --git a/site-main/variables.tf b/site-main/variables.tf
@@ -108,3 +108,23 @@ variable "versioning" {
   default     = false
 }
 
+variable "enable_cache_policy" {
+  description = "Enable cache policy and origin request policy"
+  default     = false
+}
+
+variable "cache_policy_default_ttl" {
+  description = "Time in seconds, that you want objects to stay in the CloudFront cache"
+  default     = "86400"
+}
+
+variable "cache_policy_max_ttl" {
+  description = "The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated."
+  default     = "31536000"
+}
+
+variable "cache_policy_min_ttl" {
+  description = "The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache"
+  default     = "1"
+}
+