Skip to content

tfstack/terraform-aws-s3-static-website

BranchesTags

Repository files navigation

terraform-aws-s3-static-website

Terraform module that deploys basic AWS S3 static website

Requirements

Name Version
terraform >= 1.0
aws >= 4.0

Providers

Name Version
aws >= 4.0
aws.us_east_1 >= 4.0

Modules

No modules.

Resources

Name Type
aws_acm_certificate.this resource
aws_acm_certificate_validation.this resource
aws_cloudfront_distribution.this resource
aws_cloudfront_origin_access_identity.this resource
aws_route53_record.cloudfront resource
aws_route53_record.ssl_validation resource
aws_s3_bucket.logging resource
aws_s3_bucket.this resource
aws_s3_bucket_acl.this resource
aws_s3_bucket_lifecycle_configuration.logging resource
aws_s3_bucket_logging.logging resource
aws_s3_bucket_ownership_controls.logging resource
aws_s3_bucket_ownership_controls.this resource
aws_s3_bucket_policy.this resource
aws_s3_bucket_public_access_block.this resource
aws_s3_bucket_server_side_encryption_configuration.logging resource
aws_s3_bucket_versioning.this resource
aws_s3_bucket_website_configuration.this resource
aws_s3_object.this resource
aws_region.current data source
aws_route53_zone.this data source

Inputs

Name Description Type Default Required
cdn_config Settings for enabling HTTPS, CloudFront, ACM, and optional custom domain configurations. 
object({
    enable = bool
    domain = object({
      name     = string
      sub_name = string
      ttl      = optional(number, 300)
    })
    validation_method      = optional(string, "DNS")
    origin_access_comment  = optional(string, "Access Identity for S3 Origin")
    allowed_methods        = optional(list(string), ["GET", "HEAD", "OPTIONS"])
    cached_methods         = optional(list(string), ["GET", "HEAD"])
    enable_compression     = optional(bool, true)
    protocol_policy        = optional(string, "redirect-to-https")
    forward_query_string   = optional(bool, false)
    forward_cookies        = optional(string, "none")
    minimum_ttl            = optional(number, 0)
    default_ttl            = optional(number, 300)
    maximum_ttl            = optional(number, 1200)
    price_class            = optional(string, "PriceClass_All")
    error_page_path        = optional(string, "/error.html")
    error_page_cache_ttl   = optional(number, 300)
    ssl_support_method     = optional(string, "sni-only")
    minimum_tls_version    = optional(string, "TLSv1.2_2021")
    geo_restriction_policy = optional(string, "none")
  })
 
{
  "allowed_methods": [
    "GET",
    "HEAD",
    "OPTIONS"
  ],
  "cached_methods": [
    "GET",
    "HEAD"
  ],
  "default_ttl": 300,
  "domain": {
    "name": "",
    "sub_name": "",
    "ttl": 300
  },
  "enable": false,
  "enable_compression": true,
  "error_page_cache_ttl": 300,
  "error_page_path": "/error.html",
  "forward_cookies": "none",
  "forward_query_string": false,
  "geo_restriction_policy": "none",
  "maximum_ttl": 1200,
  "minimum_tls_version": "TLSv1.2_2021",
  "minimum_ttl": 0,
  "origin_access_comment": "Access Identity for S3 Origin",
  "price_class": "PriceClass_All",
  "protocol_policy": "redirect-to-https",
  "ssl_support_method": "sni-only",
  "validation_method": "DNS"
}
 no
logging_config Configuration for S3 bucket logging. 
object({
    enable               = bool
    s3_prefix            = optional(string, "s3/")
    cloudfront_prefix    = optional(string, "cloudfront/")
    log_retention_days   = optional(number, 30)
    enable_encryption    = optional(bool, true)
    encryption_algorithm = optional(string, "AES256")
  })
 
{
  "cloudfront_prefix": "cloudfront/",
  "enable": false,
  "enable_encryption": true,
  "encryption_algorithm": "AES256",
  "log_retention_days": 90,
  "s3_prefix": "s3/"
}
 no
s3_config Configuration for the S3 bucket, including naming, access controls, and website settings. 
object({
    bucket_name          = optional(string, "s3-static-site")
    bucket_acl           = optional(string, "private")
    bucket_suffix        = optional(string, "")
    enable_force_destroy = optional(bool, false)
    object_ownership     = optional(string, "BucketOwnerPreferred")
    enable_versioning    = optional(bool, false)
    index_document       = optional(string, "index.html")
    error_document       = optional(string, "")
    public_access = object({
      block_public_acls       = optional(bool, true)
      block_public_policy     = optional(bool, true)
      ignore_public_acls      = optional(bool, true)
      restrict_public_buckets = optional(bool, true)
    })
    source_file_path   = optional(string, "/var/www")
    allowed_principals = optional(list(string), ["*"])
  })
 
{
  "allowed_principals": [
    "*"
  ],
  "bucket_acl": "private",
  "bucket_name": "s3-static-site",
  "bucket_suffix": "",
  "enable_force_destroy": false,
  "enable_versioning": false,
  "error_document": "",
  "index_document": "index.html",
  "object_ownership": "BucketOwnerPreferred",
  "public_access": {
    "block_public_acls": true,
    "block_public_policy": true,
    "ignore_public_acls": true,
    "restrict_public_buckets": true
  },
  "source_file_path": "/var/www"
}
 no
tags A map of tags to assign to the resources. Tags are useful for identifying and managing resources in AWS. If no tags are provided, an empty map will be used. map(string) {} no

Outputs

Name Description
acm_certificate_arn The ARN of the ACM certificate used for the CloudFront distribution, if HTTPS is enabled.
cloudfront_distribution_arn The ARN of the CloudFront distribution, if CDN is enabled. Null if CDN is disabled.
cloudfront_distribution_id The ID of the CloudFront distribution, if CDN is enabled. Null if CDN is disabled.
cloudfront_dns_name The DNS name for the CloudFront distribution, managed by Route 53, if CDN is enabled.
cloudfront_website_url The website URL served through CloudFront when CDN is enabled. Empty if CDN is disabled.
s3_bucket_arn The ARN of the S3 bucket.
s3_bucket_domain_name The domain name of the S3 bucket (legacy global endpoint).
s3_bucket_id The unique ID of the S3 bucket.
s3_bucket_region The AWS region where the S3 bucket is deployed.
s3_bucket_regional_domain_name The regional domain name of the S3 bucket (recommended for CloudFront origins).
s3_logging_bucket The ID of the S3 bucket used for logging, if logging is enabled. Null if logging is disabled.
s3_website_url The HTTP URL of the S3 static website. Note: HTTPS is not natively supported by S3.
website_url The dynamic website URL, using Route 53 custom domain if CDN is enabled, otherwise S3.

About

Terraform module that deploys basic AWS S3 static website

registry.terraform.io/modules/tfstack/s3-static-website/aws/latest

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases 6

v1.0.5 Latest
Aug 20, 2025
+ 5 releases

Packages

No packages published

Contributors 2

  •  
  •  

Languages