Skip to content

PointOneNav/tf-simple-s3-site

BranchesTags
 
 

Repository files navigation

Simple S3 Site

Terraform module to deploy a simple static site via S3 and fronted with CloudFront. Theoretically this will result in $0.00 charges for delivery. Storage will become your dominate segment.

Features

  • Private S3 storage bucket
  • HTTPS certificate for your domain issued via Amazon's free ACM.
  • AWS IAM role to deploy to the bucket.
  • index.html rewriting for URLs ending with a /, allowing for compatability with standard web development practices.

Requirements

Name Version
aws >= 5.42.0

Providers

Name Version
aws 6.45.0
aws.us_east_1 6.45.0

Inputs

Name Description Type Default Required
bucket Name of the S3 bucket used for static site hosting string n/a yes
create_iam_user Whether to create an IAM user with a static access key for CI/CD deployments bool true no
github_actions_deploy When set, creates an IAM role assumable by GitHub Actions via OIDC federation.

Format for allowed_repos: "org/repo", e.g. ["my-org/my-site"].
Format for allowed_branches: "refs/heads/", supports wildcards, e.g. ["refs/heads/main", "refs/heads/release/*"].
Format for allowed_environments: plain GitHub environment names, e.g. ["production"].

When neither allowed_branches nor allowed_environments is set, the trust is open
to all refs and environments within the configured repos.		 
object({
    allowed_repos        = list(string)
    allowed_branches     = optional(list(string))
    allowed_environments = optional(list(string))
  })
 null no
hosted_zone Route53 hosted zone name for DNS records and certificate validation string n/a yes
hostnames DNS hostnames for the CloudFront distribution. The first entry is used as the primary ACM certificate domain; additional entries become Subject Alternative Names list(string) n/a yes
redirect_404_spa When true, 403 and 404 errors return 200 with /index.html to support SPA client-side routing bool false no
tags Tags applied to all resources map(string) {} no

Outputs

Name Description
deployer IAM access key and secret for CI/CD deployments to the S3 bucket
github_actions_role IAM role ARN for GitHub Actions OIDC deployments

Note: You'll need to configure an AWS provider to specifically run in us-east-1 for the certificate (required by CloudFront). Hosted zone must exist in Route 53.

Example

module "spa" {
  source = "git::https://github.com/meschbach/tf-simple-s3-site.git?ref=v0.0.1"
  bucket = "website-com-example"
  hostnames = ["example.com"]
  hosted_zone = "example.com"

  providers = {
    aws.us_east_1 = aws.us_east_1
  }
}

provider "aws" {
  region = "us-west-2"
}

provider "aws" {
  alias = "us_east_1"
  region = "us-east-1"
}

resource "aws_route53_zone" "com_example" {
  name = "example.com"
  comment = "Example website"
}

Philosophy

(steps up on my soapbox and clears throat)

This module aims to provide a simple interface to providing the minimal viable target. There are a number of great modules with a ton of tuning knobs which are very hard to understand. This aims to be simple straight forward module to accomplish just serving a static website.

Contributing

See CONTRIBUTING.md for development setup, linting, and CI details.

About

Terraform module for deploying a cheap and simple static site.

Resources

Readme

Contributing

Contributing
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

2 tags

Packages

 
 
 

Contributors

Languages

  • HCL 98.1%
  • JavaScript 1.9%