-
Notifications
You must be signed in to change notification settings - Fork 0
/
outputs.tf
executable file
·104 lines (93 loc) · 4.81 KB
/
outputs.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
output "auth_services" {
description = "Details of the created AWS Lambda functions for each of the auth services"
value = {
check_auth = {
enabled = local.service_config.check_auth.enabled
fn_arn = local.service_config.check_auth.enabled ? try("${aws_lambda_function.auth_service["check_auth"].arn}:${aws_lambda_function.auth_service["check_auth"].version}", "") : null
}
parse_auth = {
enabled = local.service_config.parse_auth.enabled
fn_arn = local.service_config.check_auth.enabled ? try("${aws_lambda_function.auth_service["parse_auth"].arn}:${aws_lambda_function.auth_service["parse_auth"].version}", "") : null
}
refresh_auth = {
enabled = local.service_config.refresh_auth.enabled
fn_arn = local.service_config.check_auth.enabled ? try("${aws_lambda_function.auth_service["refresh_auth"].arn}:${aws_lambda_function.auth_service["refresh_auth"].version}", "") : null
}
revoke_auth = {
enabled = local.service_config.revoke_auth.enabled
fn_arn = local.service_config.check_auth.enabled ? try("${aws_lambda_function.auth_service["revoke_auth"].arn}:${aws_lambda_function.auth_service["revoke_auth"].version}", "") : null
}
}
depends_on = [
aws_lambda_function.auth_service["check_auth"],
aws_lambda_function.auth_service["parse_auth"],
aws_lambda_function.auth_service["refresh_auth"],
aws_lambda_function.auth_service["revoke_auth"],
]
}
output "auth_routes" {
description = "Details of the created AWS Lambda functions for each of the auth services"
value = local.auth_service_enabled ? [
{
path_pattern = local.auth_service_config.redirectPathAuthSignIn
allowed_methods = ["GET", "HEAD"]
compress = true
cache_policy = try(data.aws_cloudfront_cache_policy.disabled[0].id)
origin_request_policy = try(data.aws_cloudfront_origin_request_policy.all[0].id)
response_headers_policy = try(data.aws_cloudfront_response_headers_policy.cors_preflight_hsts[0].id)
viewer_protocol_policy = "redirect-to-https"
lambda_function_association = [{
event_type = "viewer-request"
lambda_arn = try("${aws_lambda_function.auth_service["parse_auth"].arn}:${aws_lambda_function.auth_service["parse_auth"].version}", "")
include_body = false
}]
}, {
path_pattern = local.auth_service_config.redirectPathAuthRefresh
allowed_methods = ["GET", "HEAD"]
compress = true
cache_policy = try(data.aws_cloudfront_cache_policy.disabled[0].id)
origin_request_policy = try(data.aws_cloudfront_origin_request_policy.all[0].id)
response_headers_policy = try(data.aws_cloudfront_response_headers_policy.cors_preflight_hsts[0].id)
viewer_protocol_policy = "redirect-to-https"
lambda_function_association = [{
event_type = "viewer-request"
lambda_arn = try("${aws_lambda_function.auth_service["refresh_auth"].arn}:${aws_lambda_function.auth_service["refresh_auth"].version}", "")
include_body = false
}]
},
{
path_pattern = local.auth_service_config.urlSignOut
allowed_methods = ["GET", "HEAD"]
compress = true
cache_policy = try(data.aws_cloudfront_cache_policy.disabled[0].id)
origin_request_policy = try(data.aws_cloudfront_origin_request_policy.all[0].id)
response_headers_policy = try(data.aws_cloudfront_response_headers_policy.cors_preflight_hsts[0].id)
viewer_protocol_policy = "redirect-to-https"
lambda_function_association = [{
event_type = "viewer-request"
lambda_arn = try("${aws_lambda_function.auth_service["revoke_auth"].arn}:${aws_lambda_function.auth_service["revoke_auth"].version}", "")
include_body = false
}]
}
] : []
depends_on = [
aws_lambda_function.auth_service["check_auth"],
aws_lambda_function.auth_service["parse_auth"],
aws_lambda_function.auth_service["refresh_auth"],
aws_lambda_function.auth_service["revoke_auth"],
]
}
output "urlrewrite_services" {
description = "Details of the created AWS Lambda functions for each of the auth services"
value = {
rewrite_url = {
enabled = local.urlrewrite_service_enabled
fn_arn = local.urlrewrite_service_enabled ? try("${aws_lambda_function.urlrewrite_service["rewrite_url"].arn}:${aws_lambda_function.urlrewrite_service["rewrite_url"].version}", "") : null
fn_name = local.urlrewrite_service_enabled ? aws_lambda_function.urlrewrite_service["rewrite_url"].function_name : ""
fn_version = local.urlrewrite_service_enabled ? aws_lambda_function.urlrewrite_service["rewrite_url"].version : ""
}
}
depends_on = [
aws_lambda_function.urlrewrite_service["rewrite_url"],
]
}