From 18f1735ceea118524ec2e97b7d61ecbc1db3658b Mon Sep 17 00:00:00 2001 From: Vladimir Samoylov Date: Tue, 12 Oct 2021 14:59:16 +0700 Subject: [PATCH 1/4] add aws_cloudfront_monitoring_subscription --- README.md | 4 ++++ main.tf | 11 +++++++++++ outputs.tf | 5 +++++ variables.tf | 12 ++++++++++++ versions.tf | 2 +- 5 files changed, 33 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 795d59b..96e062b 100644 --- a/README.md +++ b/README.md @@ -104,6 +104,7 @@ No modules. | Name | Type | |------|------| | [aws_cloudfront_distribution.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_distribution) | resource | +| [aws_cloudfront_monitoring_subscription.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_monitoring_subscription) | resource | | [aws_cloudfront_origin_access_identity.this](https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudfront_origin_access_identity) | resource | ## Inputs @@ -113,6 +114,7 @@ No modules. | [aliases](#input\_aliases) | Extra CNAMEs (alternate domain names), if any, for this distribution. | `list(string)` | `null` | no | | [comment](#input\_comment) | Any comments you want to include about the distribution. | `string` | `null` | no | | [create\_distribution](#input\_create\_distribution) | Controls if CloudFront distribution should be created | `bool` | `true` | no | +| [create\_monitoring\_subscription](#input\_create\_monitoring\_subscription) | If enabled, the resource for monitoring subscription will created. | `bool` | `false` | no | | [create\_origin\_access\_identity](#input\_create\_origin\_access\_identity) | Controls if CloudFront origin access identity should be created | `bool` | `false` | no | | [custom\_error\_response](#input\_custom\_error\_response) | One or more custom error response elements | `any` | `{}` | no | | [default\_cache\_behavior](#input\_default\_cache\_behavior) | The default cache behavior for this distribution | `any` | `null` | no | @@ -127,6 +129,7 @@ No modules. | [origin\_access\_identities](#input\_origin\_access\_identities) | Map of CloudFront origin access identities (value as a comment) | `map(string)` | `{}` | no | | [origin\_group](#input\_origin\_group) | One or more origin\_group for this distribution (multiples allowed). | `any` | `{}` | no | | [price\_class](#input\_price\_class) | The price class for this distribution. One of PriceClass\_All, PriceClass\_200, PriceClass\_100 | `string` | `null` | no | +| [realtime\_metrics\_subscription\_status](#input\_realtime\_metrics\_subscription\_status) | A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`. | `string` | `"Enabled"` | no | | [retain\_on\_delete](#input\_retain\_on\_delete) | Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards. | `bool` | `false` | no | | [tags](#input\_tags) | A map of tags to assign to the resource. | `map(string)` | `null` | no | | [viewer\_certificate](#input\_viewer\_certificate) | The SSL configuration for this distribution | `any` | 
{
  "cloudfront_default_certificate": true,
  "minimum_protocol_version": "TLSv1"
}
| no | @@ -147,6 +150,7 @@ No modules. | [cloudfront\_distribution\_last\_modified\_time](#output\_cloudfront\_distribution\_last\_modified\_time) | The date and time the distribution was last modified. | | [cloudfront\_distribution\_status](#output\_cloudfront\_distribution\_status) | The current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system. | | [cloudfront\_distribution\_trusted\_signers](#output\_cloudfront\_distribution\_trusted\_signers) | List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs | +| [cloudfront\_monitoring\_subscription\_id](#output\_cloudfront\_monitoring\_subscription\_id) | The ID of the CloudFront monitoring subscription, which corresponds to the `distribution_id`. | | [cloudfront\_origin\_access\_identities](#output\_cloudfront\_origin\_access\_identities) | The origin access identities created | | [cloudfront\_origin\_access\_identity\_iam\_arns](#output\_cloudfront\_origin\_access\_identity\_iam\_arns) | The IAM arns of the origin access identities created | | [cloudfront\_origin\_access\_identity\_ids](#output\_cloudfront\_origin\_access\_identity\_ids) | The IDS of the origin access identities created | diff --git a/main.tf b/main.tf index 891b9fa..ebc0116 100644 --- a/main.tf +++ b/main.tf @@ -261,3 +261,14 @@ resource "aws_cloudfront_distribution" "this" { } } } + +resource "aws_cloudfront_monitoring_subscription" "this" { + count = var.create_distribution && var.create_monitoring_subscription ? 1 : 0 + distribution_id = aws_cloudfront_distribution.this.id + + monitoring_subscription { + realtime_metrics_subscription_config { + realtime_metrics_subscription_status = var.realtime_metrics_subscription_status + } + } +} diff --git a/outputs.tf b/outputs.tf index 8f2fe6e..47abea7 100644 --- a/outputs.tf +++ b/outputs.tf @@ -62,3 +62,8 @@ output "cloudfront_origin_access_identity_iam_arns" { description = "The IAM arns of the origin access identities created" value = local.create_origin_access_identity ? [for v in aws_cloudfront_origin_access_identity.this : v.iam_arn] : [] } + +output "cloudfront_monitoring_subscription_id" { + description = " The ID of the CloudFront monitoring subscription, which corresponds to the `distribution_id`." + value = element(concat(aws_cloudfront_monitoring_subscription.this.*.id, [""]), 0) +} diff --git a/variables.tf b/variables.tf index 92a7a5f..bc06d7c 100644 --- a/variables.tf +++ b/variables.tf @@ -132,3 +132,15 @@ variable "ordered_cache_behavior" { type = any default = [] } + +variable "create_monitoring_subscription" { + description = "If enabled, the resource for monitoring subscription will created." + type = bool + default = false +} + +variable "realtime_metrics_subscription_status" { + description = "A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. Valid values are `Enabled` and `Disabled`." + type = string + default = "Enabled" +} diff --git a/versions.tf b/versions.tf index e7951f9..5f0484a 100644 --- a/versions.tf +++ b/versions.tf @@ -2,6 +2,6 @@ terraform { required_version = ">= 0.13" required_providers { - aws = ">= 3.43" + aws = ">= 3.48" } } From 92d9d778768bfae71b57930431b6db85f3b1802c Mon Sep 17 00:00:00 2001 From: Vladimir Samoylov Date: Tue, 12 Oct 2021 15:54:07 +0700 Subject: [PATCH 2/4] fix distribution_id in aws_cloudfront_monitoring_subscription --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index ebc0116..f84936a 100644 --- a/main.tf +++ b/main.tf @@ -264,7 +264,7 @@ resource "aws_cloudfront_distribution" "this" { resource "aws_cloudfront_monitoring_subscription" "this" { count = var.create_distribution && var.create_monitoring_subscription ? 1 : 0 - distribution_id = aws_cloudfront_distribution.this.id + distribution_id = aws_cloudfront_distribution.this[0].id monitoring_subscription { realtime_metrics_subscription_config { From e4a3ecfe967e21eaa1256a750ec4418c51b01390 Mon Sep 17 00:00:00 2001 From: Vladimir Samoylov Date: Wed, 13 Oct 2021 02:05:41 +0700 Subject: [PATCH 3/4] new line after meta argument --- main.tf | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/main.tf b/main.tf index f84936a..b1d86da 100644 --- a/main.tf +++ b/main.tf @@ -263,7 +263,8 @@ resource "aws_cloudfront_distribution" "this" { } resource "aws_cloudfront_monitoring_subscription" "this" { - count = var.create_distribution && var.create_monitoring_subscription ? 1 : 0 + count = var.create_distribution && var.create_monitoring_subscription ? 1 : 0 + distribution_id = aws_cloudfront_distribution.this[0].id monitoring_subscription { From 49005d2642bb8bb2a10b5992ff77474388bbce39 Mon Sep 17 00:00:00 2001 From: Vladimir Samoylov Date: Wed, 13 Oct 2021 02:11:24 +0700 Subject: [PATCH 4/4] update comple example --- examples/complete/main.tf | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/examples/complete/main.tf b/examples/complete/main.tf index 8573c48..114813f 100644 --- a/examples/complete/main.tf +++ b/examples/complete/main.tf @@ -28,6 +28,10 @@ module "cloudfront" { retain_on_delete = false wait_for_deployment = false + # When you enable additional metrics for a distribution, CloudFront sends up to 8 metrics to CloudWatch in the US East (N. Virginia) Region. + # This rate is charged only once per month, per metric (up to 8 metrics per distribution). + create_monitoring_subscription = true + create_origin_access_identity = true origin_access_identities = { s3_bucket_one = "My awesome CloudFront can access"