diff --git a/README.md b/README.md
index 4a12232..0838827 100644
--- a/README.md
+++ b/README.md
@@ -194,7 +194,7 @@ No modules.
| [create](#input\_create) | Controls if resources should be created (affects nearly all resources) | `bool` | `true` | no |
| [create\_monitoring\_subscription](#input\_create\_monitoring\_subscription) | If enabled, the resource for monitoring subscription will created | `bool` | `false` | no |
| [custom\_error\_response](#input\_custom\_error\_response) | One or more custom error response elements | list(object({
error_caching_min_ttl = optional(number)
error_code = number
response_code = optional(number)
response_page_path = optional(string)
})) | `null` | no |
-| [default\_cache\_behavior](#input\_default\_cache\_behavior) | The default cache behavior for this distribution | object({
allowed_methods = optional(list(string), ["GET", "HEAD", "OPTIONS"])
cache_policy_id = optional(string)
cache_policy_name = optional(string)
cached_methods = optional(list(string), ["GET", "HEAD"])
compress = optional(bool, true)
default_ttl = optional(number)
field_level_encryption_id = optional(string)
forwarded_values = optional(object({
cookies = object({
forward = optional(string, "none")
whitelisted_names = optional(list(string))
})
headers = optional(list(string))
query_string = optional(bool, false)
query_string_cache_keys = optional(list(string))
}),
{
cookies = {
forward = "none"
}
query_string = false
}
)
function_association = optional(map(object({
event_type = optional(string)
function_arn = optional(string)
function_key = optional(string)
})))
grpc_config = optional(object({
enabled = optional(bool)
}))
lambda_function_association = optional(map(object({
event_type = optional(string)
include_body = optional(bool)
lambda_arn = string
})))
max_ttl = optional(number)
min_ttl = optional(number)
origin_request_policy_id = optional(string)
origin_request_policy_name = optional(string)
realtime_log_config_arn = optional(string)
response_headers_policy_id = optional(string)
response_headers_policy_name = optional(string)
smooth_streaming = optional(bool)
target_origin_id = string
trusted_key_groups = optional(list(string))
trusted_signers = optional(list(string))
viewer_protocol_policy = optional(string, "https-only")
}) | n/a | yes |
+| [default\_cache\_behavior](#input\_default\_cache\_behavior) | The default cache behavior for this distribution | object({
allowed_methods = optional(list(string), ["GET", "HEAD", "OPTIONS"])
cache_policy_id = optional(string)
cache_policy_name = optional(string)
cached_methods = optional(list(string), ["GET", "HEAD"])
compress = optional(bool, true)
default_ttl = optional(number)
field_level_encryption_id = optional(string)
forwarded_values = optional(object({
cookies = object({
forward = optional(string, "none")
whitelisted_names = optional(list(string))
})
headers = optional(list(string))
query_string = optional(bool, false)
query_string_cache_keys = optional(list(string))
}),
{
cookies = {
forward = "none"
}
query_string = false
}
)
function_association = optional(map(object({
event_type = optional(string)
function_arn = optional(string)
function_key = optional(string)
})))
grpc_config = optional(object({
enabled = optional(bool)
}))
lambda_function_association = optional(map(object({
event_type = optional(string)
include_body = optional(bool)
lambda_arn = string
})))
max_ttl = optional(number)
min_ttl = optional(number)
origin_request_policy_id = optional(string)
origin_request_policy_name = optional(string)
realtime_log_config_arn = optional(string)
response_headers_policy_id = optional(string)
response_headers_policy_name = optional(string)
smooth_streaming = optional(bool)
target_origin_id = string
trusted_key_groups = optional(list(string))
trusted_signers = optional(list(string))
viewer_protocol_policy = optional(string, "https-only")
}) | `null` | no |
| [default\_root\_object](#input\_default\_root\_object) | The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL | `string` | `null` | no |
| [enabled](#input\_enabled) | Whether the distribution is enabled to accept end user requests for content | `bool` | `true` | no |
| [http\_version](#input\_http\_version) | The maximum HTTP version to support on the distribution. Allowed values are http1.1, http2, http2and3, and http3. The default is http2 | `string` | `"http2"` | no |
diff --git a/examples/complete/main.tf b/examples/complete/main.tf
index fb108f4..ce0f25f 100644
--- a/examples/complete/main.tf
+++ b/examples/complete/main.tf
@@ -169,6 +169,10 @@ module "cloudfront" {
viewer-request = {
function_arn = aws_cloudfront_function.example.arn
}
+ # Or ARN reference to standalone function created with the module
+ viewer-response = {
+ function_arn = module.standalone_cloudfront_functions.cloudfront_functions.example.arn
+ }
# Option 2: Dynamic reference to module-managed function by key/name
# Uncomment to use module-managed functions instead:
@@ -179,11 +183,6 @@ module "cloudfront" {
# viewer-response = {
# function_key = "viewer-response-headers"
# }
-
- # For this example, using standalone function for both
- viewer-response = {
- function_arn = aws_cloudfront_function.example.arn
- }
}
},
{
@@ -337,6 +336,24 @@ module "cloudfront" {
tags = local.tags
}
+# Create CloudFront function using the module
+module "standalone_cloudfront_functions" {
+ source = "../../"
+
+ # Don't create main resources, only functions
+ create = false
+
+ cloudfront_functions = {
+ example = {
+ name = "shared-${local.name}"
+ runtime = "cloudfront-js-1.0"
+ code = file("./functions/example-function.js")
+ }
+ }
+
+ origin_access_control = {}
+}
+
module "records" {
source = "terraform-aws-modules/route53/aws//modules/records"
version = "~> 5.0"
diff --git a/main.tf b/main.tf
index 8fc52b3..b2fa7a5 100644
--- a/main.tf
+++ b/main.tf
@@ -535,7 +535,10 @@ resource "aws_cloudfront_monitoring_subscription" "this" {
################################################################################
locals {
- cache_behaviors = concat([var.default_cache_behavior], var.ordered_cache_behavior)
+ cache_behaviors = concat(
+ var.default_cache_behavior != null ? [var.default_cache_behavior] : [],
+ var.ordered_cache_behavior != null ? var.ordered_cache_behavior : []
+ )
}
data "aws_cloudfront_cache_policy" "this" {
diff --git a/variables.tf b/variables.tf
index d7ac1e3..3581cd5 100644
--- a/variables.tf
+++ b/variables.tf
@@ -101,7 +101,7 @@ variable "default_cache_behavior" {
trusted_signers = optional(list(string))
viewer_protocol_policy = optional(string, "https-only")
})
- nullable = false
+ default = null
}
variable "default_root_object" {
diff --git a/wrappers/main.tf b/wrappers/main.tf
index 0379e31..4be691f 100644
--- a/wrappers/main.tf
+++ b/wrappers/main.tf
@@ -11,7 +11,7 @@ module "wrapper" {
create = try(each.value.create, var.defaults.create, true)
create_monitoring_subscription = try(each.value.create_monitoring_subscription, var.defaults.create_monitoring_subscription, false)
custom_error_response = try(each.value.custom_error_response, var.defaults.custom_error_response, null)
- default_cache_behavior = try(each.value.default_cache_behavior, var.defaults.default_cache_behavior)
+ default_cache_behavior = try(each.value.default_cache_behavior, var.defaults.default_cache_behavior, null)
default_root_object = try(each.value.default_root_object, var.defaults.default_root_object, null)
enabled = try(each.value.enabled, var.defaults.enabled, true)
http_version = try(each.value.http_version, var.defaults.http_version, "http2")