This is primarily useful when testing locally, so that the users aws config/credentials aren't
polluted, and adds little no value otherwise.
Signed-off-by: Collin J. Doering <collin@rekahsoft.ca>
Adds the variables:
- `enable_naked_domain`
Whether or not to enable access to the site only via a naked domain.
When `enable_naked_domain=true`:
- This corresponds to the previous configuration.
When `enable_naked_domain=false`:
- Sets the domain_name to the www version of the domain and adds the naked domain as a
SAN (Subject Alternative Name) on the ACM certificate
- Create dns validation records for both the naked domain and www domain
- Creates a s3 bucket with redirect policy which redirects all requests to the www version
of the site
- Creates a cloudfront web distribution with a custom origin of the website bucket
url (this is required as s3 origins do not handle redirects)
- `subdomain`
The subdomain to use under the `dns_apex`, eg `<subdomain>.<dns_apex>`. Defaults to empty.
Remember, `dns_apex` must correspond to a route53 public hosted zone.
Signed-off-by: Collin J. Doering <collin@rekahsoft.ca>
Create a classic static site deployment using cloudfront with a s3 origin. Provision, verify and
utilize a ACM certificate to enable (and force) https for cloudfront.
This assumes that the build resources are available at ./_site as a null_resource is used to
sync it to the s3 origin backing cloudfront. A IAM user and policy is provisioned prior to the
null_resource execution with least privilege access to the s3 bucket.
Note: The required terraform backend resources were manually provisioned.
Signed-off-by: Collin J. Doering <collin.doering@rekahsoft.ca>
Collin J. Doering