forked from scalefactory/terraform-cloudfront-auth
-
Notifications
You must be signed in to change notification settings - Fork 3
/
README.yaml
120 lines (100 loc) · 3.58 KB
/
README.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
---
#
# This is the canonical configuration for the `README.md`
# Run `make readme` to rebuild the `README.md`
#
# Name of this project
name: terraform-cloudfront-auth
# Tags of this project
tags:
- aws
- terraform
- terraform-modules
- cloudfront
- s3
- auth
- cloudfront-auth
# Logo for this project
#logo: docs/logo.png
# License of this project
license: "ISC"
# Copyrights
copyrights:
- name: "The Scale Factory Ltd."
url: "https://scalefactory.com"
year: "2019"
- name: "Widen Enterprises"
url: "https://www.widen.com/"
year: "2017"
# Canonical GitHub repo
github_repo: scalefactory/terraform-cloudfront-auth
# Screenshots
screenshots:
- name: "Example"
url: "/docs/code.png"
description: "Example using GitHub authentication"
# Badges to display
badges:
- name: "Latest Release"
image: "https://img.shields.io/github/release/scalefactory/terraform-cloudfront-auth.svg"
url: "https://github.com/scalefactory/terraform-cloudfront-auth/releases/latest"
- name: "License"
image: "https://img.shields.io/badge/License-ISC-blue.svg"
url: "https://opensource.org/licenses/ISC"
# References
references:
- name: "Widen - Cloudfront Auth"
description: "This project wraps Terraform around Widen's cloudfront-auth around"
url: "https://github.com/Widen/cloudfront-auth/"
- name: "Terraform"
description: "Infrastructure as code"
url: "https://terraform.io"
# Short description of this project
description: |-
A Terraform module to provision a Cloudfront distribution to serve private
content in an S3 bucket with Lamba@Edge Google/Microsoft/Github/Okta/Auth0/Centrify
authentication. Based on [Widen - Cloudfront Auth](https://github.com/Widen/cloudfront-auth/)
# Introduction to the project
introduction: |-
You should use this module if you have a private S3 bucket that you want to
guard with Google/Microsoft/Github/Okta/Auth0/Centrify authentication.
The Terraform packages up
[cloudfront-auth](https://github.com/Widen/cloudfront-auth/) into a Lambda
function to be used by Cloudfront's
[Lambda@Edge](https://aws.amazon.com/lambda/edge/). A private S3 bucket and
Cloudfront Distribution will also be created.
# How to use this project
usage: |-
**NOTE**: You will need to create a certificate with AWS Certificate Manager in
the `us-east-1` region. The example below assumes a certificate for the domain
`example.com` already exists.
```hcl
module "cloudfront_auth" {
source = "git::https://github.com/scalefactory/terraform-cloudfront-auth.git?ref=master"
auth_vendor = "github"
cloudfront_distribution = "private.example.com"
client_id = "CHANGE_ME"
client_secret = "CHANGE_ME"
redirect_uri = "https://private.example.com/callback"
github_organization = "exampleorg"
bucket_name = "private.example.com"
region = "eu-west-1"
cloudfront_acm_certificate_arn = "${data.aws_acm_certificate.example.arn}"
}
data "aws_acm_certificate" "example" {
domain = "example.com"
statuses = ["ISSUED"]
}
```
# Example usage
examples: |-
A Full working example can be found in [example](./example) folder. Please
update the `cloudfront_auth` module parameters. **NOTE**: The certificate will
need validating with email first.
# Other files to include in this README from the project folder
include:
- "docs/terraform.md"
# Contributors to this project
contributors:
- name: "Steve Porter"
github: "steveporter92"