Skip to content
Switch branches/tags

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time


Terraform CI

How to use this module

Before you get started, you'll need a few things that are outside the scope of this module. You will need:

  • A way to deploy Terraform in your environment
  • An Amazon Certificate Manager certificate
  • Proper IAM permissions to deploy resources in your environment either with your IAM account or a role, depending on how you deploy Terraform
  • A random string of characters for a shared secret between CloudFront and S3

First, create your Amazon certificate using the normal process. Note down the ARN and supply it for the variable "acm_site_certificate_arn" below.

This chunk of code creates a site for "":

module "example_site" {
    source = ""
    create_www_redirect_bucket = "true"
    create_cloudfront_distribution = "true"
    site_github_owner = "<your-github-owner>"
    site_tld = ""
    acm_site_certificate_arn = "arn:aws:acm:us-east-1:111111111111:certificate/00000000-0000-0000-0000-000000000000"
    create_public_dns_zone = "false"
    create_public_dns_site_record = "true"
    create_public_dns_www_record = "true"


Name Version
terraform >= 1.0


Name Version
aws n/a
random n/a


No modules.


Name Type
aws_cloudfront_distribution.site_cloudfront_distribution resource
aws_iam_access_key.content_sync_key resource
aws_iam_user.content_sync resource
aws_iam_user_policy.content_sync_policy resource
aws_route53_record.site_tld_record resource
aws_route53_record.site_www_record resource
aws_route53_zone.primary_site_tld resource
aws_s3_bucket.main_site resource
aws_s3_bucket.site_cloudfront_logs resource
aws_s3_bucket.site_www_redirect resource
aws_s3_bucket_public_access_block.cloudfront_logs_block resource
aws_s3_bucket_public_access_block.content_bucket_block resource
random_password.random_site_secret resource
random_uuid.random_bucket_name resource
aws_canonical_user_id.current data source
aws_route53_zone.site_tld_selected data source


Name Description Type Default Required
acm_site_certificate_arn ARN of an ACM certificate to use for https on the CloudFront distribution. string n/a yes
cloudfront_price_class Price class for Cloudfront. string "PriceClass_100" no
content_bucket_versioning Defines whether or not to set versioning on the content bucket. bool true no
create_cloudfront_distribution Defines whether or not to create a CloudFront distribution for the S3 bucket. bool true no
create_content_sync_user Optionally create an IAM user and access keys to sync the content bucket. Note that this will store access information in your state file. Protect it accordingly. bool false no
create_public_dns_site_record If set to true, creates a public DNS record in your site_tld hosted zone. If you do not already have a hosted zone for this TLD, you should set create_public_dns_zone to true. Otherwise, this will try to create a record in an existing zone or fail. bool true no
create_public_dns_www_record Defines whether or not to create a WWW DNS record for the site. bool false no
create_public_dns_zone If set to true, creates a public hosted zone in Route53 for your site. bool false no
create_www_redirect_bucket Defines whether or not to create a www redirect S3 bucket. bool true no
error_page_object The error page object for the Cloudfront/S3 distribution. string "404.html" no
log_include_cookies Defines whether or not CloudFront should log cookies. bool false no
root_page_object The root page object for the Cloudfront/S3 distribution. string "index.html" no
site_region Region in which to provision the site. Default: us-east-1 string "us-east-1" no
site_tld TLD of the website you want to create. A bucket will be created that is named this. Note that the module will error out if this bucket already exists in AWS. Example: string n/a yes


Name Description
cloudfront_distribution_id CloudFront distribution ID.
content_sync_access_key Access key ID of the optional content sync user.
content_sync_access_secret Secret Access key of the optional content sync user. This is marked as sensitive and will not show in plan output, but be aware that it is stored in your state file. Encrypt accordingly.
content_sync_bucket_name Bucket name that contains the content for the site.


Terraform module that produces an S3 website plus supporting infrastructure for CD




No packages published