terraform-aws-s3-static-website

Terraform module that deploys basic AWS S3 static website

Requirements

Name	Version
terraform	>= 1.0
aws	>= 4.0

Providers

Name	Version
aws	>= 4.0
aws.us_east_1	>= 4.0

Modules

No modules.

Resources

Name	Type
aws_acm_certificate.this	resource
aws_acm_certificate_validation.this	resource
aws_cloudfront_distribution.this	resource
aws_cloudfront_origin_access_identity.this	resource
aws_route53_record.cloudfront	resource
aws_route53_record.ssl_validation	resource
aws_s3_bucket.logging	resource
aws_s3_bucket.this	resource
aws_s3_bucket_acl.this	resource
aws_s3_bucket_lifecycle_configuration.logging	resource
aws_s3_bucket_logging.logging	resource
aws_s3_bucket_ownership_controls.logging	resource
aws_s3_bucket_ownership_controls.this	resource
aws_s3_bucket_policy.this	resource
aws_s3_bucket_public_access_block.this	resource
aws_s3_bucket_server_side_encryption_configuration.logging	resource
aws_s3_bucket_versioning.this	resource
aws_s3_bucket_website_configuration.this	resource
aws_s3_object.this	resource
aws_region.current	data source
aws_route53_zone.this	data source

Inputs

Name	Description	Type	Default	Required
cdn_config	Settings for enabling HTTPS, CloudFront, ACM, and optional custom domain configurations.	object({ enable = bool domain = object({ name = string sub_name = string ttl = optional(number, 300) }) validation_method = optional(string, "DNS") origin_access_comment = optional(string, "Access Identity for S3 Origin") allowed_methods = optional(list(string), ["GET", "HEAD", "OPTIONS"]) cached_methods = optional(list(string), ["GET", "HEAD"]) enable_compression = optional(bool, true) protocol_policy = optional(string, "redirect-to-https") forward_query_string = optional(bool, false) forward_cookies = optional(string, "none") minimum_ttl = optional(number, 0) default_ttl = optional(number, 300) maximum_ttl = optional(number, 1200) price_class = optional(string, "PriceClass_All") error_page_path = optional(string, "/error.html") error_page_cache_ttl = optional(number, 300) ssl_support_method = optional(string, "sni-only") minimum_tls_version = optional(string, "TLSv1.2_2021") geo_restriction_policy = optional(string, "none") })	{ "allowed_methods": [ "GET", "HEAD", "OPTIONS" ], "cached_methods": [ "GET", "HEAD" ], "default_ttl": 300, "domain": { "name": "", "sub_name": "", "ttl": 300 }, "enable": false, "enable_compression": true, "error_page_cache_ttl": 300, "error_page_path": "/error.html", "forward_cookies": "none", "forward_query_string": false, "geo_restriction_policy": "none", "maximum_ttl": 1200, "minimum_tls_version": "TLSv1.2_2021", "minimum_ttl": 0, "origin_access_comment": "Access Identity for S3 Origin", "price_class": "PriceClass_All", "protocol_policy": "redirect-to-https", "ssl_support_method": "sni-only", "validation_method": "DNS" }	no
logging_config	Configuration for S3 bucket logging.	object({ enable = bool s3_prefix = optional(string, "s3/") cloudfront_prefix = optional(string, "cloudfront/") log_retention_days = optional(number, 30) enable_encryption = optional(bool, true) encryption_algorithm = optional(string, "AES256") })	{ "cloudfront_prefix": "cloudfront/", "enable": false, "enable_encryption": true, "encryption_algorithm": "AES256", "log_retention_days": 90, "s3_prefix": "s3/" }	no
s3_config	Configuration for the S3 bucket, including naming, access controls, and website settings.	object({ bucket_name = optional(string, "s3-static-site") bucket_acl = optional(string, "private") bucket_suffix = optional(string, "") enable_force_destroy = optional(bool, false) object_ownership = optional(string, "BucketOwnerPreferred") enable_versioning = optional(bool, false) index_document = optional(string, "index.html") error_document = optional(string, "") public_access = object({ block_public_acls = optional(bool, true) block_public_policy = optional(bool, true) ignore_public_acls = optional(bool, true) restrict_public_buckets = optional(bool, true) }) source_file_path = optional(string, "/var/www") allowed_principals = optional(list(string), ["*"]) })	{ "allowed_principals": [ "*" ], "bucket_acl": "private", "bucket_name": "s3-static-site", "bucket_suffix": "", "enable_force_destroy": false, "enable_versioning": false, "error_document": "", "index_document": "index.html", "object_ownership": "BucketOwnerPreferred", "public_access": { "block_public_acls": true, "block_public_policy": true, "ignore_public_acls": true, "restrict_public_buckets": true }, "source_file_path": "/var/www" }	no
tags	A map of tags to assign to the resources. Tags are useful for identifying and managing resources in AWS. If no tags are provided, an empty map will be used.	map(string)	{}	no

Outputs

Name	Description
acm_certificate_arn	The ARN of the ACM certificate used for the CloudFront distribution, if HTTPS is enabled.
cloudfront_distribution_arn	The ARN of the CloudFront distribution, if CDN is enabled. Null if CDN is disabled.
cloudfront_distribution_id	The ID of the CloudFront distribution, if CDN is enabled. Null if CDN is disabled.
cloudfront_dns_name	The DNS name for the CloudFront distribution, managed by Route 53, if CDN is enabled.
cloudfront_website_url	The website URL served through CloudFront when CDN is enabled. Empty if CDN is disabled.
s3_bucket_arn	The ARN of the S3 bucket.
s3_bucket_domain_name	The domain name of the S3 bucket (legacy global endpoint).
s3_bucket_id	The unique ID of the S3 bucket.
s3_bucket_region	The AWS region where the S3 bucket is deployed.
s3_bucket_regional_domain_name	The regional domain name of the S3 bucket (recommended for CloudFront origins).
s3_logging_bucket	The ID of the S3 bucket used for logging, if logging is enabled. Null if logging is disabled.
s3_website_url	The HTTP URL of the S3 static website. Note: HTTPS is not natively supported by S3.
website_url	The dynamic website URL, using Route 53 custom domain if CDN is enabled, otherwise S3.