From 60b8d1e97cbe70a0b65bbcab41bf5dd886dcc9d5 Mon Sep 17 00:00:00 2001 From: niroz89 Date: Sat, 9 Mar 2024 10:44:58 +0800 Subject: [PATCH] Add outputs --- modules/cache/README.md | 5 ++++- modules/cache/outputs.tf | 9 +++++++++ modules/origin-request/README.md | 5 ++++- modules/origin-request/outputs.tf | 9 +++++++++ modules/response-headers/README.md | 7 +++++-- modules/response-headers/outputs.tf | 9 +++++++++ 6 files changed, 40 insertions(+), 4 deletions(-) create mode 100644 modules/cache/outputs.tf create mode 100644 modules/origin-request/outputs.tf create mode 100644 modules/response-headers/outputs.tf diff --git a/modules/cache/README.md b/modules/cache/README.md index 81158e0..bd5b470 100644 --- a/modules/cache/README.md +++ b/modules/cache/README.md @@ -38,5 +38,8 @@ No modules. ## Outputs -No outputs. +| Name | Description | +|------|-------------| +| [etag](#output\_etag) | The current version of the cache policy. | +| [id](#output\_id) | The identifier for the cache policy. | diff --git a/modules/cache/outputs.tf b/modules/cache/outputs.tf new file mode 100644 index 0000000..f8bac12 --- /dev/null +++ b/modules/cache/outputs.tf @@ -0,0 +1,9 @@ +output "id" { + description = "The identifier for the cache policy." + value = aws_cloudfront_cache_policy.this.id +} + +output "etag" { + description = "The current version of the cache policy." + value = aws_cloudfront_cache_policy.this.etag +} diff --git a/modules/origin-request/README.md b/modules/origin-request/README.md index f67db40..cc788c2 100644 --- a/modules/origin-request/README.md +++ b/modules/origin-request/README.md @@ -34,5 +34,8 @@ No modules. ## Outputs -No outputs. +| Name | Description | +|------|-------------| +| [etag](#output\_etag) | The current version of the origin request policy. | +| [id](#output\_id) | The identifier for the origin request policy. | diff --git a/modules/origin-request/outputs.tf b/modules/origin-request/outputs.tf new file mode 100644 index 0000000..fe44848 --- /dev/null +++ b/modules/origin-request/outputs.tf @@ -0,0 +1,9 @@ +output "id" { + description = "The identifier for the origin request policy." + value = aws_cloudfront_origin_request_policy.this.id +} + +output "etag" { + description = "The current version of the origin request policy." + value = aws_cloudfront_origin_request_policy.this.etag +} diff --git a/modules/response-headers/README.md b/modules/response-headers/README.md index 174bd45..7aeb91e 100644 --- a/modules/response-headers/README.md +++ b/modules/response-headers/README.md @@ -28,7 +28,7 @@ No modules. |------|-------------|------|---------|:--------:| | [content\_security\_policy\_header](#input\_content\_security\_policy\_header) | A configuration for `Content-Security-Policy` header in HTTP responses sent from CloudFront. The HTTP `Content-Security-Policy` response header allows web site administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks. `content_security_policy_header` as defined below.
`enabled` - Whether to enable `Content-Security-Policy` response header. Defaults to `false`.
`override` - Whether CloudFront overrides the `Content-Security-Policy` response header with the header received from the origin. Defaults to `true`.
`value` - The value for the `Content-Security-Policy` HTTP response header. The `Content-Security-Policy` header value is limited to 1783 characters. | 
object({
    enabled  = optional(bool, false)
    override = optional(bool, true)
    value    = optional(string, "")
  })
| `{}` | no | | [content\_type\_options\_header](#input\_content\_type\_options\_header) | A configuration for `X-Content-Type-Options` header in HTTP responses sent from CloudFront. The `X-Content-Type-Options` response HTTP header is a marker used by the server to indicate that the MIME types advertised in the `Content-Type` headers should be followed and not be changed. The header allows you to avoid MIME type sniffing by saying that the MIME types are deliberately configured. `content_type_options_header` as defined below.
`enabled` - Whether to enable `X-Content-Type-Options` response header. When this setting is `true`, CloudFront adds the `X-Content-Type-Options: nosniff` header to response. (Blocks a request if the request destination is of type style and the MIME type is not text/css, or of type script and the MIME type is not a JavaScript MIME type.) Defaults to `false`.
`override` - Whether CloudFront overrides the `X-Content-Type-Options` response header with the header received from the origin. Defaults to `true`. | 
object({
    enabled  = optional(bool, false)
    override = optional(bool, true)
  })
| `{}` | no | -| [cors](#input\_cors) | A configuration for a set of HTTP response headers for CORS(Cross-Origin Resource Sharing). `cors` as defined below.
`enabled` - Whether to enable CORS configuration for the response headers policy .
`orgin_override` - Whether CloudFront override the response from the origin which contains one of the CORS headers specified in this policy. Defaults to `true`.
`access_control_allow_credentials` - Whether CloudFront adds the `Access-Control-Allow-Credentials` header in responses to CORS requests. When enabled, CloudFront adds the `Access-Control-Allow-Credentials: true` header in responses to CORS requests. Otherwise, CloudFront doesn't add this header to responses. Defaults to `false`.
`access_control_allow_headers` - A set of HTTP header names for CloudFront to include as values for the `Access-Control-Allow-Headers` HTTP response header in responses to CORS preflight requests. Defaults to `["*"]` (All headers).
`access_control_allow_methods` - A set of HTTP methods for CloudFront to include as values for the `Access-Control-Allow-Methods` header in responses to CORS preflight requests. Valid values are `GET`, `DELETE`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, `PUT`, or `ALL`). Defaults to `ALL` (All methods).
`access_control_allow_origins` - A set of the origins that CloudFront can use as values in the `Access-Control-Allow-Origin` response header. Use `*` value to allow CORS requests from all origins. Defaults to `["*"]` (All origins).
`access_control_expose_headers` - A set of HTTP header names for CloudFront to include as values for the `Access-Control-Expose-Headers` header in responses to CORS requests. Defaults to `[]` (None).
`access_control_max_age` - The number of seconds for CloudFront to use as the value for the `Access-Control-Max-Age` header in responses to CORS preflight requests. | 
object({
    enabled  = optional(bool, false)
    override = optional(bool, true)

    access_control_allow_credentials = optional(bool, false)
    access_control_allow_headers     = optional(set(string), ["*"])
    access_control_allow_methods     = optional(set(string), ["ALL"])
    access_control_allow_origins     = optional(set(string), ["*"])
    access_control_expose_headers    = optional(set(string), [])
    access_control_max_age           = optional(number, 600)
  })
| `{}` | no | +| [cors](#input\_cors) | A configuration for a set of HTTP response headers for CORS(Cross-Origin Resource Sharing). `cors` as defined below.
`enabled` - Whether to enable CORS configuration for the response headers policy .
`override` - Whether CloudFront override the response from the origin which contains one of the CORS headers specified in this policy. Defaults to `true`.
`access_control_allow_credentials` - Whether CloudFront adds the `Access-Control-Allow-Credentials` header in responses to CORS requests. When enabled, CloudFront adds the `Access-Control-Allow-Credentials: true` header in responses to CORS requests. Otherwise, CloudFront doesn't add this header to responses. Defaults to `false`.
`access_control_allow_headers` - A set of HTTP header names for CloudFront to include as values for the `Access-Control-Allow-Headers` HTTP response header in responses to CORS preflight requests. Defaults to `["*"]` (All headers).
`access_control_allow_methods` - A set of HTTP methods for CloudFront to include as values for the `Access-Control-Allow-Methods` header in responses to CORS preflight requests. Valid values are `GET`, `DELETE`, `HEAD`, `OPTIONS`, `PATCH`, `POST`, `PUT`, or `ALL`). Defaults to `ALL` (All methods).
`access_control_allow_origins` - A set of the origins that CloudFront can use as values in the `Access-Control-Allow-Origin` response header. Use `*` value to allow CORS requests from all origins. Defaults to `["*"]` (All origins).
`access_control_expose_headers` - A set of HTTP header names for CloudFront to include as values for the `Access-Control-Expose-Headers` header in responses to CORS requests. Defaults to `[]` (None).
`access_control_max_age` - The number of seconds for CloudFront to use as the value for the `Access-Control-Max-Age` header in responses to CORS preflight requests. | 
object({
    enabled  = optional(bool, false)
    override = optional(bool, true)

    access_control_allow_credentials = optional(bool, false)
    access_control_allow_headers     = optional(set(string), ["*"])
    access_control_allow_methods     = optional(set(string), ["ALL"])
    access_control_allow_origins     = optional(set(string), ["*"])
    access_control_expose_headers    = optional(set(string), [])
    access_control_max_age           = optional(number, 600)
  })
| `{}` | no | | [custom\_headers](#input\_custom\_headers) | A configuration for specifying the custom HTTP headers in HTTP responses sent from CloudFront. Each item of `custom_headers` as defined below.
`name` - The HTTP response header name.
`value` - The value for the HTTP response header. If a header value is not provided, CloudFront adds the empty header (with no value) to the response.
`override` - Whether CloudFront overrides a response header with the same name received from the origin with the header specifies here. | 
list(object({
    name     = string
    value    = string
    override = optional(bool, false)
  }))
| `[]` | no | | [description](#input\_description) | A comment to describe the response headers policy. | `string` | `"Managed by Terraform."` | no | | [frame\_options\_header](#input\_frame\_options\_header) | A configuration for `X-Frame-Options` header in HTTP responses sent from CloudFront. The `X-Frame-Options` HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a ``, `