Merged in dev/fabien/MPC-3801-selective-disabling-of-cloudfront-cache…

…-for-dev (pull request elastic#342)

MPC-3801: allow disabling of cloudfront cache for dev

* make cloudfront cached file extensions configurable

* typo fix
* add cf_cached_extensions to env_vars.tfvars.sample


Approved-by: Can Yildiz

aws/ams-cluster-v1-tf/cloudfront.tf

@@ -66,20 +66,7 @@ resource "aws_cloudfront_distribution" "cloudfront_cdn" {
   # otherwise we end up caching things like
   # https://fabien.us.engageli-dev.com/fabien/current/?R=fabien-test
   dynamic "ordered_cache_behavior" {
-    for_each = toset([
-      "*.bin",
-      "*.ico",
-      "*.js",
-      "*.png",
-      "*.svg",
-      "*.tflite",
-      "*.txt",
-      "*.wasm",
-      "*.webm",
-      "*.woff",
-      "*.woff2"
-    ])
-
+    for_each = toset(var.cf_cached_extensions)
     content {
       path_pattern             = ordered_cache_behavior.key
       allowed_methods          = ["GET", "HEAD"]

aws/ams-cluster-v1-tf/tfvars/env_vars.tfvars.sample

@@ -94,3 +94,7 @@ deprecated_recorder_bucket_management_enabled = true
 
 # Enable security monitoring
 # wazuh_agent_enabled = true
+
+# the list of extensions that cloudfront will cache
+# empty list means that nothing gets cached
+# cf_cached_extensions = []

aws/ams-cluster-v1-tf/variables.tf

@@ -383,6 +383,24 @@ variable "cf_static_min_ttl" {
   default     = 60
 }
 
+variable "cf_cached_extensions" {
+  description = "list of file extensions cached by cloudfront"
+  type = list(string)
+  default = [
+    "*.bin",
+    "*.ico",
+    "*.js",
+    "*.png",
+    "*.svg",
+    "*.tflite",
+    "*.txt",
+    "*.wasm",
+    "*.webm",
+    "*.woff",
+    "*.woff2"
+  ]
+}
+
 #https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html
 variable "aws_lb_ssl_policy" {
   description = "SSL Policy for aws_lb_listener"