Skip to content

Instantly share code, notes, and snippets.

@wenqiglantz
Created January 28, 2023 21:02
Show Gist options
  • Save wenqiglantz/5ee48cec1f002fc45fca7c665d9f1882 to your computer and use it in GitHub Desktop.
Save wenqiglantz/5ee48cec1f002fc45fca7c665d9f1882 to your computer and use it in GitHub Desktop.
provider "aws" {
region = "us-east-1"
}
# for github secrets creation
provider "github" {
token = var.pipeline_token
owner = "your-github-account"
}
module "static_site" {
source = "cloudposse/cloudfront-s3-cdn/aws"
# Cloud Posse recommends pinning every module to a specific version
# version = "x.x.x"
namespace = "eg"
stage = "dev"
name = "demo"
aliases = ["assets.example.com"]
dns_alias_enabled = true
parent_zone_name = "example.com"
deployment_principal_arns = {
"arn:aws:iam::123456789012:role/principal1" = ["prefix1/", "prefix2/"]
"arn:aws:iam::123456789012:role/principal2" = [""]
}
}
# GitHub secrets creation, need these secrets for app CI/CD in github actions
resource "github_actions_environment_secret" "s3_bucket_name" {
repository = var.deploy_repo
environment = var.deploy_env
secret_name = "S3_BUCKET_NAME"
plaintext_value = module.static_site.s3_bucket
}
resource "github_actions_environment_secret" "cloudfront_distribution_id" {
repository = var.deploy_repo
environment = var.deploy_env
secret_name = "CLOUDFRONT_DISTRIBUTION_ID"
plaintext_value = module.static_site.cf_id
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment