/
cloudfront-policies.tf
128 lines (119 loc) · 2.67 KB
/
cloudfront-policies.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
/* --- Request Policies (Origin) --- */
resource "aws_cloudfront_origin_request_policy" "cf_dynamic_rp" {
name = "COP26-Dynamic-RequestPolicy"
comment = "Dynamic request policy for the COP26 WordPress site"
cookies_config {
cookie_behavior = "whitelist"
cookies {
items = [
"wordpress_*",
"comment_*",
"wp-settings-*"
]
}
}
headers_config {
header_behavior = "allViewer"
}
query_strings_config {
query_string_behavior = "all"
}
}
resource "aws_cloudfront_origin_request_policy" "cf_static_rp" {
name = "COP26-Static-RequestPolicy"
comment = "Static request policy for the COP26 WordPress site"
cookies_config {
cookie_behavior = "none"
}
headers_config {
header_behavior = "whitelist"
headers {
items = [
"Origin",
"Host",
"CloudFront-*"
]
}
}
query_strings_config {
query_string_behavior = "whitelist"
query_strings {
items = [
"p",
"page_id",
"post",
"post_type"
]
}
}
}
/* --- Cache Policies (Viewer) --- */
resource "aws_cloudfront_cache_policy" "cf_dynamic_cp" {
name = "COP26-Dynamic-CachePolicy"
comment = "Dynamic cache policy for the COP26 WordPress site"
default_ttl = 300
max_ttl = 600
min_ttl = 1
parameters_in_cache_key_and_forwarded_to_origin {
enable_accept_encoding_brotli = true
enable_accept_encoding_gzip = true
cookies_config {
cookie_behavior = "whitelist"
cookies {
items = [
"wordpress_*",
"comment_*",
"wp-settings-*"
]
}
}
headers_config {
header_behavior = "whitelist"
headers {
items = [
"Origin",
"Host",
"Authorization"
]
}
}
query_strings_config {
query_string_behavior = "all"
}
}
}
resource "aws_cloudfront_cache_policy" "cf_static_cp" {
name = "COP26-Static-CachePolicy"
comment = "Static cache policy for the COP26 WordPress site"
default_ttl = 600
max_ttl = 1200
min_ttl = 1
parameters_in_cache_key_and_forwarded_to_origin {
enable_accept_encoding_brotli = true
enable_accept_encoding_gzip = true
cookies_config {
cookie_behavior = "none"
}
headers_config {
header_behavior = "whitelist"
headers {
items = [
"Origin",
"Host",
"Authorization"
]
}
}
query_strings_config {
query_string_behavior = "whitelist"
query_strings {
items = [
"p",
"page_id",
"post",
"post_type"
]
}
}
}
}