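# Shared configuration values for the stack: S3 buckets, Lambda functions,
# network rule lists, the site domain, and the two CloudFront distributions.
# The resources and modules that consume these maps are outside this block.
locals {
  bucket_name = "bsmsapp"
  path        = "../resources"

  # Bucket definitions, keyed by logical name.
  # NOTE(review): `type` (1 / 2) is an opaque selector interpreted by the
  # consuming module; its meaning cannot be confirmed from this block.
  s3 = {
    website = {
      type        = 1
      bucket_name = local.bucket_name
      # The bucket ACL is private. The CloudFront origins below pass an
      # origin access identity taken from this bucket's module outputs.
      bucket_acl = "private"
      # Reuse the shared resources path instead of repeating the literal.
      path = local.path
      website = {
        index_document = "index.html"
        error_document = "error.html"
      }
      objects = {
        favicon = {
          filename     = "favicon.ico"
          content_type = "image/x-icon"
        }
        loading = {
          filename     = "loading.gif"
          content_type = "image/gif"
        }
      }
    }
    logs = {
      type        = 2
      bucket_name = "${local.bucket_name}-logs"
      # Canned ACL that lets the S3 log delivery group write into the bucket.
      # NOTE(review): ACL-based log delivery needs ACLs enabled on the bucket;
      # confirm the module sets object ownership accordingly.
      bucket_acl = "log-delivery-write"
    }
  }

  # Lambda function definitions, keyed by logical name.
  # NOTE(review): every function assumes the same `LabRole`, so each one runs
  # with the union of that role's permissions. Where the account allows it,
  # per-function roles scoped to the single service each handler touches would
  # limit the impact of a compromised handler.
  lambdas = {
    lambdaSQS = {
      package            = "${local.path}/lambda/lambdaSQS.zip"
      function_name      = "AWSLambdaHandlerAPISQSDBg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.stepfunctions_sg.id
    }
    lambdaDB = {
      package            = "${local.path}/lambda/lambdaDB.zip"
      function_name      = "AWSLambdaHandlerAPIDBg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.dynamodb_sg.id
    }
    lambdaSNS = {
      package            = "${local.path}/lambda/lambdaSNS.zip"
      function_name      = "AWSLambdaHandlerAPISNSg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.sns_sg.id
    }
    lambdaGET = {
      package       = "${local.path}/lambda/lambdaGET.zip"
      function_name = "AWSLambdaHandlerGETg3"
      role          = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler       = "lambda_handler.main"
      # NOTE(review): this is the only function on python3.7, an end-of-life
      # runtime that no longer receives security patches. Left unchanged here
      # because the packaged zip may bundle version-specific dependencies;
      # rebuild and move it to the runtime the other functions use.
      runtime            = "python3.7"
      security_group_ids = aws_security_group.sns_sg.id
    }
    lambdaUpdate = {
      package            = "${local.path}/lambda/lambdaUpdate.zip"
      function_name      = "AWSLambdaHandlerUpdateg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.dynamodb_sg.id
    }
    lambdaError = {
      package            = "${local.path}/lambda/lambdaError.zip"
      function_name      = "AWSLambdaHandlerSNSErrorg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.sns_sg.id
    }
    lambdaUpdateAPI = {
      package            = "${local.path}/lambda/lambdaUpdateAPI.zip"
      function_name      = "AWSLambdaHandlerUpdateAPIg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.dynamodb_sg.id
    }
    lambdaRemove = {
      package            = "${local.path}/lambda/lambdaRemove.zip"
      function_name      = "AWSLambdaHandlerRemoveDBg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.dynamodb_sg.id
    }
    lambdaTopicSNS = {
      package            = "${local.path}/lambda/lambdaTopicSNS.zip"
      function_name      = "AWSLambdaHandlerTopicSNSg3"
      role               = "arn:aws:iam::${data.aws_caller_identity.current.account_id}:role/LabRole"
      handler            = "lambda_handler.main"
      runtime            = "python3.9"
      security_group_ids = aws_security_group.sns_sg.id
    }
  }

  # Rule lists for the private network tier; presumably network ACL entries
  # (rule_number / rule_action) -- confirm against the consuming resource.
  # Inbound admits TCP on ports 1024-65535 from any address.
  # NOTE(review): if these subnets only talk to in-VPC or endpoint traffic,
  # narrowing cidr_block to those ranges would tighten the rule.
  private_inbound = [
    {
      rule_number = 100
      rule_action = "allow"
      from_port   = 1024
      to_port     = 65535
      protocol    = "tcp"
      cidr_block  = "0.0.0.0/0"
    }
  ]

  # Outbound admits all TCP ports to any address. Protocol number 6 is TCP;
  # the inbound rule spells the same protocol by name.
  private_outbound = [
    {
      rule_number = 100
      rule_action = "allow"
      from_port   = 0
      to_port     = 65535
      protocol    = 6
      cidr_block  = "0.0.0.0/0"
    }
  ]

  domain = "santilococo.com.ar"
  emails = ["slococo@itba.edu.ar"]

  # CloudFront distributions, keyed by logical name.
  cloudfront = {
    # Apex-domain distribution: S3 website as the default origin, API Gateway
    # as a second origin, with a WAF web ACL attached.
    root = {
      web_acl_id = module.waf.web_acl_arn
      aliases = [
        local.domain
      ]
      origin = {
        api-gateway = {
          # Strip the scheme and slashes so only the host name remains.
          domain_name = replace(replace(module.apigw.endpoint, "https://", ""), "/", "")
          origin_path = "/api"
          custom_origin_config = {
            http_port  = 80
            https_port = 443
            # Always use HTTPS to the origin rather than mirroring the viewer
            # protocol, so a plain-HTTP viewer request can never be forwarded
            # to the API unencrypted.
            origin_protocol_policy = "https-only"
            # Only negotiate TLS 1.2 with the origin; TLS 1.0 and 1.1 are
            # deprecated and were removed from the accepted list.
            origin_ssl_protocols = ["TLSv1.2"]
          }
        }
        s3 = {
          domain_name = module.s3["website"].domain_name
          s3_origin_config = {
            origin_access_identity = module.s3["website"].cloudfront_access_identity
          }
        }
      }
      default_cache_behavior = {
        target_origin_id       = "s3"
        viewer_protocol_policy = "redirect-to-https"
        allowed_methods        = ["GET", "HEAD", "OPTIONS"]
        cached_methods         = ["GET", "HEAD"]
        min_ttl                = 0
        default_ttl            = 3600
        max_ttl                = 86400
      }
    }
    # `www.` distribution: attaches a viewer-request function whose code is
    # loaded from redirectWWW.js.
    # NOTE(review): unlike `root`, no web_acl_id is set here; confirm whether
    # the consuming module applies one or whether that is intentional.
    redirect = {
      aliases = [
        "www.${local.domain}"
      ]
      origin = {
        s3 = {
          domain_name = module.s3["website"].domain_name
          s3_origin_config = {
            origin_access_identity = module.s3["website"].cloudfront_access_identity
          }
        }
      }
      default_cache_behavior = {
        target_origin_id       = "s3"
        viewer_protocol_policy = "redirect-to-https"
        allowed_methods        = ["GET", "HEAD", "OPTIONS"]
        cached_methods         = ["GET", "HEAD"]
        min_ttl                = 0
        default_ttl            = 3600
        max_ttl                = 86400
        function_association = {
          viewer-request = {}
        }
      }
      code = file("${local.path}/lambda/redirectWWW.js")
    }
  }
}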