NOTE: For some reason, it appears that CloudFront only works with private S3 bucket in us-east-1. In all other
regions, you get 403: Access Denied errors. We are still investigating why, but for the time being, the solution is to
deploy your static website in us-east-1 and things will work fine.
Quick start
To try these templates out you must have Terraform installed:
Open vars.tf, set the environment variables specified at the top of the file, and fill in any other variables that
don't have a default.
Run terraform get.
Run terraform plan.
If the plan looks good, run terraform apply.
When the apply command finishes, this module will output the domain name you can use to test the website in your
browser.
Note that a CloudFront distribution can take a LONG time to deploy (i.e. sometimes as much as 15 - 30 minutes!), so
before testing the URL, head over to the CloudFront distributions
page and wait for the "Status" of your distribution
to show up as "Deployed".
Questions? Ask away.
We're here to talk about our services, answer any questions, give advice, or just to chat.
{"treedata":{"name":"root","toggled":true,"children":[{"name":".circleci","children":[{"name":"config.yml","path":".circleci/config.yml","sha":"ba7ce7fb3d16e6b36edcc70804c83c9c374e4974"},{"name":"post-upgrade-test-results.sh","path":".circleci/post-upgrade-test-results.sh","sha":"a4867e8fbdc334b7a90259568ee41ea577fbe764"},{"name":"set-upgrade-test-vars.sh","path":".circleci/set-upgrade-test-vars.sh","sha":"34b835df005388f7a95a0ec8290f9ebad0bac090"}]},{"name":".github","children":[{"name":"ISSUE_TEMPLATE","children":[{"name":"bug_report.md","path":".github/ISSUE_TEMPLATE/bug_report.md","sha":"d2e87e27c601e423865ed660ec697082470ca60f"},{"name":"feature_request.md","path":".github/ISSUE_TEMPLATE/feature_request.md","sha":"023a33099be2336476930c96e17ff1ba5dc55348"}]},{"name":"pull_request_template.md","path":".github/pull_request_template.md","sha":"6b100e40e323b5b07f40ed30616277c51c9f4b9e"}]},{"name":".gitignore","path":".gitignore","sha":"aefaef0f6bfce67d33d546e00f98075aa1c21844"},{"name":".pre-commit-config.yaml","path":".pre-commit-config.yaml","sha":"23068872ca60d7f40ae10c05ea8e5915d04056dc"},{"name":"CODEOWNERS","path":"CODEOWNERS","sha":"70e040248a707df97162f4607621dcbb99fdc689"},{"name":"LICENSE.txt","path":"LICENSE.txt","sha":"f4e3d9bd4717a044ed31ad847a300eee74371a78"},{"name":"README.md","path":"README.md","sha":"d4a23f35f54a390ca83e66646b48101858369896"},{"name":"examples","children":[{"name":"bin","children":[{"name":"s3-upload.sh","path":"examples/bin/s3-upload.sh","sha":"616167707b12a9ed678286f6829d06ae39b8bfb0"}]},{"name":"cloudfront-s3-private-origin-group","children":[{"name":"README.md","path":"examples/cloudfront-s3-private-origin-group/README.md","sha":"eb67a232f842fa217e11124523ec06d3bb2e6b90"},{"name":"main.tf","path":"examples/cloudfront-s3-private-origin-group/main.tf","sha":"edb238b90791fe0f84a7bfc7f3f39f8056090fc5"},{"name":"outputs.tf","path":"examples/cloudfront-s3-private-origin-group/outputs.tf","sha":"7ad8a7de25248890dd41ec74575fb18e206cf93b"},{"name":"variables.tf","path":"examples/cloudfront-s3-private-origin-group/variables.tf","sha":"461237b7ed653c66d77e0f16ef3a0f904c6c056f"}]},{"name":"cloudfront-s3-private-with-custom-bucket-policy","children":[{"name":"README.md","path":"examples/cloudfront-s3-private-with-custom-bucket-policy/README.md","sha":"9fd41cc48b1b127c68c2bf80bcfb4f77ad4c1498"},{"name":"main.tf","path":"examples/cloudfront-s3-private-with-custom-bucket-policy/main.tf","sha":"3767e769ab58c968c0f6833a62b689c170d0d887"},{"name":"outputs.tf","path":"examples/cloudfront-s3-private-with-custom-bucket-policy/outputs.tf","sha":"4028b7c112eb547208079b450305f8560d451deb"},{"name":"s3-bucket-policies.yaml","path":"examples/cloudfront-s3-private-with-custom-bucket-policy/s3-bucket-policies.yaml","sha":"50f2f62efc50de0f0e5185b1ba975b35cf727f4b"},{"name":"variables.tf","path":"examples/cloudfront-s3-private-with-custom-bucket-policy/variables.tf","sha":"6718f677373e403a0544c600506f885363b04f70"}]},{"name":"cloudfront-s3-private-with-function","children":[{"name":"README.md","path":"examples/cloudfront-s3-private-with-function/README.md","sha":"7af9c93026f727a340aac477c8d83f4a28ec51ce"},{"name":"function","children":[{"name":"index.js","path":"examples/cloudfront-s3-private-with-function/function/index.js","sha":"3e17c169478322745df5b62e61631ab57ceca6a0"}]},{"name":"main.tf","path":"examples/cloudfront-s3-private-with-function/main.tf","sha":"4962f319ee1e29f6bb0c51d1dc2f17e0fb937033"},{"name":"outputs.tf","path":"examples/cloudfront-s3-private-with-function/outputs.tf","sha":"4028b7c112eb547208079b450305f8560d451deb"},{"name":"variables.tf","path":"examples/cloudfront-s3-private-with-function/variables.tf","sha":"1b04323d35a6184e912ed5440ed24955308bfdfe"}]},{"name":"cloudfront-s3-private","children":[{"name":"README.md","path":"examples/cloudfront-s3-private/README.md","sha":"9fd41cc48b1b127c68c2bf80bcfb4f77ad4c1498","toggled":true},{"name":"main.tf","path":"examples/cloudfront-s3-private/main.tf","sha":"946ea609e9416bd0f12a6e9802de4f802df9cbe4"},{"name":"outputs.tf","path":"examples/cloudfront-s3-private/outputs.tf","sha":"4028b7c112eb547208079b450305f8560d451deb"},{"name":"variables.tf","path":"examples/cloudfront-s3-private/variables.tf","sha":"1b04323d35a6184e912ed5440ed24955308bfdfe"}],"toggled":true},{"name":"cloudfront-s3-public-origin-group","children":[{"name":"README.md","path":"examples/cloudfront-s3-public-origin-group/README.md","sha":"80e5a99578d8c9eba230531ac040a8e82aebfebd"},{"name":"main.tf","path":"examples/cloudfront-s3-public-origin-group/main.tf","sha":"0cbf672abccd9c40db2056b471014d6a2586942e"},{"name":"outputs.tf","path":"examples/cloudfront-s3-public-origin-group/outputs.tf","sha":"8882441bc7e074e7e77b8e8bf79332bacf7008a6"},{"name":"variables.tf","path":"examples/cloudfront-s3-public-origin-group/variables.tf","sha":"3d74b609cfcc43cceaedcc6cc285c78b51696724"}]},{"name":"cloudfront-s3-public","children":[{"name":"README.md","path":"examples/cloudfront-s3-public/README.md","sha":"aed32ebaa3e145939ee0e027125583200673c104"},{"name":"lambda","children":[{"name":"index.py","path":"examples/cloudfront-s3-public/lambda/index.py","sha":"f9a4c9c0965ed79eb1ad015c7050a0dde2a1ef74"}]},{"name":"main.tf","path":"examples/cloudfront-s3-public/main.tf","sha":"d78efe63594d79f4d15ceaa78b60aad492d1ffca"},{"name":"outputs.tf","path":"examples/cloudfront-s3-public/outputs.tf","sha":"4028b7c112eb547208079b450305f8560d451deb"},{"name":"variables.tf","path":"examples/cloudfront-s3-public/variables.tf","sha":"495258d706da659dbaa1fa914428f9bf7f206da5"}]},{"name":"example-website","children":[{"name":"README.md","path":"examples/example-website/README.md","sha":"359ae6d06f8e77244f18c42704637b8e6ef498c6"},{"name":"error.html","path":"examples/example-website/error.html","sha":"0a959f6cec57577c7c167d362c143e31f215b07c"},{"name":"grunty.png","path":"examples/example-website/grunty.png","sha":"fa4bab8d46d843cd22b20f16bcda72e9d4c86680"},{"name":"index.html","path":"examples/example-website/index.html","sha":"a1457ee18744c564fe0b19b1b1ee1f97434f901d"},{"name":"subfolder","children":[{"name":"index.html","path":"examples/example-website/subfolder/index.html","sha":"496cf61adeb14592511894ceb6250c5b0545b0e7"}]}]},{"name":"s3-static-website","children":[{"name":"README.md","path":"examples/s3-static-website/README.md","sha":"a2d9c34b338551214ccf7df40d63bfa98ae5bae6"},{"name":"main.tf","path":"examples/s3-static-website/main.tf","sha":"08a1a06f0ce0651441989bcbf91d2a0aa9d6a1fe"},{"name":"outputs.tf","path":"examples/s3-static-website/outputs.tf","sha":"266783fdf9ce2641bb2714ad1e9ada8e7b56f018"},{"name":"variables.tf","path":"examples/s3-static-website/variables.tf","sha":"03f9fb0227c14930cf32e3f38ef0bdf820506a9d"}]}],"toggled":true},{"name":"modules","children":[{"name":"_docs","children":[{"name":"s3-architecture.png","path":"modules/_docs/s3-architecture.png","sha":"24664de39064d5c6767105b75d002bddf763ff82"},{"name":"s3.png","path":"modules/_docs/s3.png","sha":"667a181c90817858914551e9b2fa376fa1c8f177"}]},{"name":"s3-cloudfront","children":[{"name":"README.md","path":"modules/s3-cloudfront/README.md","sha":"ee62c57a95de32148da765bb56217bbe41a9ae5f"},{"name":"main.tf","path":"modules/s3-cloudfront/main.tf","sha":"6dcc140be99efb9a83517a6002084896abb270ef"},{"name":"outputs.tf","path":"modules/s3-cloudfront/outputs.tf","sha":"0944924a43237d2cf1faa8ff38311523a1167c7a"},{"name":"variables.tf","path":"modules/s3-cloudfront/variables.tf","sha":"9ab3e54295b98be37171a155100ceca2fabd3205"}]},{"name":"s3-static-website","children":[{"name":"README.adoc","path":"modules/s3-static-website/README.adoc","sha":"3ea276e35d3b46836af9adc09fd40e95105d1ad3"},{"name":"core-concepts.md","path":"modules/s3-static-website/core-concepts.md","sha":"6831fb0e8e930349314c03dd0db5ca16a0703dc5"},{"name":"main.tf","path":"modules/s3-static-website/main.tf","sha":"553e5d4a621afe7c51b062ff183f3630ac04e1cf"},{"name":"outputs.tf","path":"modules/s3-static-website/outputs.tf","sha":"107a021aa4acf2f6ff1e254aa8727ceaf080fce2"},{"name":"variables.tf","path":"modules/s3-static-website/variables.tf","sha":"17af8a0c4d1335e43bd1b8d2c383489876327a14"}]}]},{"name":"terraform-cloud-enterprise-private-module-registry-placeholder.tf","path":"terraform-cloud-enterprise-private-module-registry-placeholder.tf","sha":"ae586c0fe830819580e1009d41a9074f16e65bed"},{"name":"test","children":[{"name":"README.md","path":"test/README.md","sha":"2b6dbdbf2af81a41b0b7105894f8ec1746bf8ae8"},{"name":"go.mod","path":"test/go.mod","sha":"7829d4579a6c54d1558a2db134bb980ddc674573"},{"name":"go.sum","path":"test/go.sum","sha":"2fa320c78869cb6fb982638cb8e17463cd4c4fd9"},{"name":"s3_cloudfront_canonical_user_test.go","path":"test/s3_cloudfront_canonical_user_test.go","sha":"83c3998b4d5901a0acb58d04eab18006e8dc3dbf"},{"name":"s3_cloudfront_custom_bucket_policy_test.go","path":"test/s3_cloudfront_custom_bucket_policy_test.go","sha":"eab324cd58d6e6803d641b0387acf1ead1e98ef5"},{"name":"s3_cloudfront_function_test.go","path":"test/s3_cloudfront_function_test.go","sha":"eb310d955465b5b0cb3bfc07532dd84ed1efcce2"},{"name":"s3_cloudfront_origin_group_test.go","path":"test/s3_cloudfront_origin_group_test.go","sha":"f6fb71fdc0a5afe17ebfb05df5f7dbc06b1cde5d"},{"name":"s3_cloudfront_test.go","path":"test/s3_cloudfront_test.go","sha":"8bcfe80fb45e14f83a6ef850be7cfc3d0d68b617"},{"name":"s3_static_website_test.go","path":"test/s3_static_website_test.go","sha":"ffc233a8c20259a4665132af20a2b0fbd470c041"},{"name":"test_helpers.go","path":"test/test_helpers.go","sha":"c04949e9f103ae8c63e5d629daccb10d40e28868"},{"name":"upgrades","children":[{"name":"upgrade_test.go","path":"test/upgrades/upgrade_test.go","sha":"a09ac360075309566b4823b516e94c6e8ce8c511"}]},{"name":"validation","children":[{"name":"validate_all_modules_and_examples_test.go","path":"test/validation/validate_all_modules_and_examples_test.go","sha":"33d73c385b64c4fc870033e99427e683c31dc45a"}]}]}]},"detailsContent":"<h1 class=\"preview__body--title\" id=\"cloud-front-s-3-private-bucket-example\">CloudFront + S3 private bucket example</h1><div class=\"preview__body--border\"></div><p>This folder shows an example of how to use the <a href=\"/repos/v0.18.2/package-static-assets/modules/s3-cloudfront\" class=\"preview__body--description--blue\">s3-cloudfront</a> and\n<a href=\"/repos/v0.18.2/package-static-assets/modules/s3-static-website\" class=\"preview__body--description--blue\">s3-static-website</a> modules to deploy a CloudFront distribution as a CDN in front of a\nprivate S3 bucket. Make sure to read the <a href=\"/repos/v0.18.2/package-static-assets/modules/s3-cloudfront#public-vs-private-s3-buckets\" class=\"preview__body--description--blue\">Public vs private S3 buckets\ndocumentation</a> to understand the difference between this example\nand the <a href=\"/repos/v0.18.2/package-static-assets/examples/cloudfront-s3-public\" class=\"preview__body--description--blue\">cloudfront-s3-public example</a>.</p>\n<p><strong>NOTE</strong>: For some reason, it appears that CloudFront only works with private S3 bucket in <code>us-east-1</code>. In all other\nregions, you get 403: Access Denied errors. We are still investigating why, but for the time being, the solution is to\ndeploy your static website in <code>us-east-1</code> and things will work fine.</p>\n<h2 class=\"preview__body--subtitle\" id=\"quick-start\">Quick start</h2>\n<p>To try these templates out you must have Terraform installed:</p>\n<ol>\n<li>Open <code>vars.tf</code>, set the environment variables specified at the top of the file, and fill in any other variables that\ndon't have a default.</li>\n<li>Run <code>terraform get</code>.</li>\n<li>Run <code>terraform plan</code>.</li>\n<li>If the plan looks good, run <code>terraform apply</code>.</li>\n</ol>\n<p>When the <code>apply</code> command finishes, this module will output the domain name you can use to test the website in your\nbrowser.</p>\n<p>Note that a CloudFront distribution can take a LONG time to deploy (i.e. sometimes as much as 15 - 30 minutes!), so\nbefore testing the URL, head over to the <a href=\"https://console.aws.amazon.com/cloudfront/home#distributions:\" class=\"preview__body--description--blue\" target=\"_blank\">CloudFront distributions\npage</a> and wait for the "Status" of your distribution\nto show up as "Deployed".</p>\n","repoName":"package-static-assets","repoRef":"v0.16.0","serviceDescriptor":{"serviceName":"S3","serviceRepoName":"package-static-assets","serviceRepoOrg":"gruntwork-io","serviceMainReadmePath":"/modules/s3-static-website","cloudProviders":["aws"],"description":"Deploy your static content and static websites on S3. Supports bucket versioning, redirects, and access logging.","imageUrl":"amazon-s3.png","licenseType":"subscriber","technologies":["Terraform"],"compliance":[],"tags":[""]},"serviceCategoryName":"Static content","fileName":"README.md","filePath":"/examples/cloudfront-s3-private","title":"Repo Browser: S3","description":"Browse the repos in the Gruntwork Infrastructure as Code Library."}