diff --git a/README.md b/README.md index a4a43e9..e3b0f34 100644 --- a/README.md +++ b/README.md @@ -25,8 +25,10 @@ provider "aws" { module "website" { source = "modules/terraform-module-s3-cloudfront" - name = "my-first-website" - hostname = "example.com" + name = "my-first-website" + hostname = "example.com" + wildcard_ssl = "*.example.com" + aliases = [ "example.net", "example.org" @@ -59,6 +61,7 @@ directory of this repository. ## Authors Jonathan Wright +Dave Dash ## License diff --git a/certificate.tf b/certificate.tf index 96c0b22..9d539ae 100644 --- a/certificate.tf +++ b/certificate.tf @@ -10,5 +10,5 @@ provider "aws" { data "aws_acm_certificate" "frontend" { provider = "aws.us-east-1" - domain = "${var.hostname}" + domain = "${coalesce(var.wildcard_ssl, var.hostname)}" } diff --git a/examples/wildcard/README.md b/examples/wildcard/README.md new file mode 100644 index 0000000..994cd33 --- /dev/null +++ b/examples/wildcard/README.md @@ -0,0 +1,28 @@ +# Example Usage + +The example in this directory will utilize a Wildcard SSL certificate. + +## Important + +This module will create an encrypted (i.e. HTTPS) endpoint in CloudFront using +[Amazon Certificate Manager](https://aws.amazon.com/certificate-manager/). ACM +cannot be automated at this time as it requires manual steps in the approval +of the domain name before it can be added into the account. Please therefore +setup the certificate for the domain name you require (and any aliases you may +include as well) by following the +[Getting Started](http://docs.aws.amazon.com/acm/latest/userguide/gs.html) guide +in the AWS Documentation. + +## Usage + +To run this example you need to execute: + +```bash +$ terraform init +$ terraform plan +$ terraform apply +``` + +Note that this example may create resources which can cost money (logs stored +within S3, for example). Run `terraform destroy` when you don't need these +resources. 
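Review bot: In certificate.tf, the new `domain = "${coalesce(var.wildcard_ssl, var.hostname)}"` lookup selects whichever certificate `wildcard_ssl` names, and nothing in the hunk ties that certificate to `var.hostname` or the aliases. A wildcard matches a single label only, so `*.example.com` does not cover the apex `example.com` (the pairing shown in this commit's README hunk) unless the certificate also lists it as a subject alternative name. The README aliases `example.net` and `example.org` would need to be on the certificate as well. A mismatch would presumably surface as a rejected distribution update or as certificate-name errors for visitors, so it is worth a comment at the lookup: `# wildcard_ssl must name an ACM certificate in us-east-1 whose names cover var.hostname and every entry in var.aliases`. The README example would also be more accurate with a hostname such as `www.example.com`.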
diff --git a/examples/wildcard/main.tf b/examples/wildcard/main.tf new file mode 100644 index 0000000..07eb78d --- /dev/null +++ b/examples/wildcard/main.tf @@ -0,0 +1,16 @@ +provider "aws" { + region = "eu-west-2" +} + +module "website" { + source = "../../" + + name = "my-first-website" + hostname = "mysite.example.com" + wildcard_ssl = "*.example.com" + + tags { + Domain = "mysite.example.com" + Owner = "webmaster@example.com" + } +} diff --git a/examples/wildcard/outputs.tf b/examples/wildcard/outputs.tf new file mode 100644 index 0000000..13e7e3b --- /dev/null +++ b/examples/wildcard/outputs.tf @@ -0,0 +1,15 @@ +output "hostname" { + value = "${module.website.hostname}" +} + +output "s3_bucket_name" { + value = "${module.website.s3_bucket_name}" +} + +output "cloudfront_distribution_id" { + value = "${module.website.cloudfront_distribution_id}" +} + +output "cloudfront_distribution_hostname" { + value = "${module.website.cloudfront_distribution_hostname}" +} diff --git a/outputs.tf b/outputs.tf index 3991765..1fe384d 100644 --- a/outputs.tf +++ b/outputs.tf @@ -17,3 +17,8 @@ output "cloudfront_distribution_hostname" { description = "The hostname of the CloudFront Distribution (use for DNS CNAME)." value = "${aws_cloudfront_distribution.website.domain_name}" } + +output "cloudfront_zone_id" { + description = "The Zone ID of the CloudFront Distribution (use for DNS Alias)." + value = "${aws_cloudfront_distribution.website.hosted_zone_id}" +} diff --git a/variables.tf b/variables.tf index 69ced16..469d933 100644 --- a/variables.tf +++ b/variables.tf @@ -8,6 +8,11 @@ variable "hostname" { default = "example.com" } +variable "wildcard_ssl" { + description = "Wildcard SSL certificate domain name. E.g. *.example.com" + default = "" +} + variable "aliases" { description = "Additional aliases to host this website for." default = []
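Review bot: In variables.tf, the `wildcard_ssl` description does not say that the value is the lookup domain for an existing ACM certificate, or that the empty default falls back to `hostname` (via the `coalesce` in certificate.tf). Nothing restricts the value to wildcards, so the name is narrower than the behaviour; something like `certificate_domain` may read better while the variable is still new. Suggested description: `"Domain name of the existing ACM certificate to attach (e.g. *.example.com). Leave empty to look the certificate up by hostname."`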