diff --git a/terraform/modules/acm/README.md b/terraform/modules/acm/README.md
index 14155bf..fb86454 100644
--- a/terraform/modules/acm/README.md
+++ b/terraform/modules/acm/README.md
@@ -30,7 +30,7 @@ No modules.
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [dns\_ttl](#input\_dns\_ttl) | The TTL of DNS recursive resolvers to cache information about this record. | `number` | `60` | no |
-| [domain\_name](#input\_domain\_name) | A domain name for which the certificate should be issued | `string` | `""` | no |
+| [domain\_name](#input\_domain\_name) | A domain name for which the certificate should be issued | `string` | n/a | yes |
| [subject\_alternative\_names](#input\_subject\_alternative\_names) | A list of domains that should be SANs in the issued certificate | `list(string)` | `[]` | no |
| [tags](#input\_tags) | A mapping of tags to assign to the resource | `map(string)` | `{}` | no |
| [validation\_allow\_overwrite\_records](#input\_validation\_allow\_overwrite\_records) | Whether to allow overwrite of Route53 records | `bool` | `true` | no |
diff --git a/terraform/modules/cloudfront/README.md b/terraform/modules/cloudfront/README.md
index 72c45db..62e76a5 100644
--- a/terraform/modules/cloudfront/README.md
+++ b/terraform/modules/cloudfront/README.md
@@ -21,6 +21,7 @@ No modules.
| Name | Type |
|------|------|
| [aws_cloudfront_distribution.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource |
+| [aws_cloudfront_function.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_function) | resource |
## Inputs
@@ -28,6 +29,7 @@ No modules.
|------|-------------|------|---------|:--------:|
| [acm\_certificate\_arn](#input\_acm\_certificate\_arn) | ACM certificate. | `string` | n/a | yes |
| [aliases](#input\_aliases) | Domain aliases. | `any` | n/a | yes |
+| [code](#input\_code) | CloudFront function code to run. | `string` | n/a | yes |
| [default\_cache\_behavior](#input\_default\_cache\_behavior) | The default cache behavior for this distribution | `any` | n/a | yes |
| [default\_root\_object](#input\_default\_root\_object) | The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. | `string` | `null` | no |
| [enabled](#input\_enabled) | Whether the distribution is enabled to accept end user requests for content. | `bool` | `true` | no |
diff --git a/terraform/modules/s3/README.md b/terraform/modules/s3/README.md
index 8859fa4..316fb67 100644
--- a/terraform/modules/s3/README.md
+++ b/terraform/modules/s3/README.md
@@ -20,10 +20,12 @@ No modules.
| Name | Type |
|------|------|
+| [aws_cloudfront_origin_access_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_identity) | resource |
| [aws_s3_bucket.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket) | resource |
| [aws_s3_bucket_acl.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl) | resource |
| [aws_s3_bucket_logging.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_logging) | resource |
| [aws_s3_bucket_policy.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy) | resource |
+| [aws_s3_bucket_public_access_block.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_public_access_block) | resource |
| [aws_s3_bucket_website_configuration.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_website_configuration) | resource |
| [aws_s3_object.index](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
| [aws_s3_object.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_object) | resource |
@@ -47,6 +49,8 @@ No modules.
| Name | Description |
|------|-------------|
| [arn](#output\_arn) | The ARN of the bucket. Will be of format arn:aws:s3:::bucketname. |
+| [cloudfront\_access\_identity](#output\_cloudfront\_access\_identity) | The cloudfront OAI access identity path. |
+| [domain\_name](#output\_domain\_name) | The bucket region-specific domain name. |
| [id](#output\_id) | The bucket domain name. Will be of format bucketname.s3.amazonaws.com. |
| [website\_endpoint](#output\_website\_endpoint) | The website endpoint, if the bucket is configured with a website. If not, this will be an empty string. |
\ No newline at end of file
diff --git a/terraform/modules/s3/outputs.tf b/terraform/modules/s3/outputs.tf
index c5211ff..c105377 100644
--- a/terraform/modules/s3/outputs.tf
+++ b/terraform/modules/s3/outputs.tf
@@ -19,10 +19,10 @@ output "website_endpoint" {
output "domain_name" {
description = "The bucket region-specific domain name."
- value = aws_s3_bucket.this.bucket_regional_domain_name
+ value = aws_s3_bucket.this.bucket_regional_domain_name
}
output "cloudfront_access_identity" {
description = "The cloudfront OAI access identity path."
- value = aws_cloudfront_origin_access_identity.this.cloudfront_access_identity_path
+ value = aws_cloudfront_origin_access_identity.this.cloudfront_access_identity_path
}
diff --git a/terraform/organization/cloudfront.tf b/terraform/organization/cloudfront.tf
index 16ac348..7b9f1bb 100644
--- a/terraform/organization/cloudfront.tf
+++ b/terraform/organization/cloudfront.tf
@@ -1,6 +1,6 @@
module "cloudfront" {
for_each = local.cloudfront
- source = "../modules/cloudfront"
+ source = "../modules/cloudfront"
providers = {
aws = aws.aws
@@ -14,13 +14,13 @@ module "cloudfront" {
enabled = true
web_acl_id = try(each.value.web_acl_id, null)
- aliases = each.value.aliases
+ aliases = each.value.aliases
acm_certificate_arn = module.acm.certificate_arn
default_root_object = "index.html"
origin = each.value.origin
-
+
default_cache_behavior = each.value.default_cache_behavior
- code = try(each.value.code, "")
+ code = try(each.value.code, "")
}