sergiochoo/aws-s3-static-website

Architecture

[Image: architecture diagram]

.github/workflows/deploy.yml

CI/CD setup with GitHub Actions:

Replace 123456789012 with your actual AWS account ID. Export your AWS account ID as a shell variable for later use:

export accountid=123456789012

Create S3 bucket to store the Terraform state

You can choose a different region

aws s3 mb s3://terraform-state1-${accountid} --region us-east-1

Create AWS IAM user with username 'GithubActions' using a designated profile

aws iam create-user --user-name GithubActions

Create AWS IAM group with the name 'DeployS3Site' using the same AWS profile

aws iam create-group --group-name DeployS3Site

Create an AWS IAM policy named 'DeployS3SitePolicy' from the policy document at 'file://misc/policy.json'. This policy should define the permissions necessary for the deployment operations

aws iam create-policy --policy-name DeployS3SitePolicy --policy-document file://misc/policy.json

Attach the policy created above to the group 'DeployS3Site'. The policy ARN is derived from your AWS account id and policy name

aws iam attach-group-policy --policy-arn arn:aws:iam::${accountid}:policy/DeployS3SitePolicy --group-name DeployS3Site

Add the previously created user 'GithubActions' to the group 'DeployS3Site', giving the user all permissions defined in the attached policy

aws iam add-user-to-group --user-name GithubActions --group-name DeployS3Site

Create AWS Access Key for the IAM user 'GithubActions' which can be used for authenticating via CLI, SDKs etc.

aws iam create-access-key --user-name GithubActions

Add the following secrets into your repository settings:

ACCOUNT_ID
AWS_ACCESS_KEY_ID
AWS_REGION
AWS_SECRET_ACCESS_KEY
DISTRIBUTION_ID - (you can find it in the AWS console)

Add the following environment variables into your repository settings:

SITE_NAME - (forthope.me in my case)

Module requirements

Name Version
terraform >= 1.4.0
aws ~> 5.31.0

Providers

Name Version
aws 5.31.0

Modules

Name Source Version
s3_website ../ n/a

Resources

Name Type
aws_acm_certificate.this resource
aws_acm_certificate_validation.cert_validation resource
aws_cloudfront_distribution.this resource
aws_cloudfront_origin_access_control.this resource
aws_route53_record.cert_validation resource
aws_route53_record.website resource
aws_route53_record.www resource
aws_s3_bucket.website resource
aws_s3_bucket_ownership_controls.s3_bucket_ownership resource
aws_s3_bucket_policy.policy resource
aws_s3_bucket_public_access_block.s3_access_block resource
aws_s3_bucket_versioning.bucket_versioning resource
aws_s3_bucket_website_configuration.hosting resource
aws_s3_object.file resource
aws_caller_identity.current data source
aws_route53_zone.this data source

Inputs

Name Description Type Default Required
aws_region n/a string "us-east-1" no
bucket_versioning Versioning for S3 bucket string "Disabled" no
domain_name Name of the domain string "example.com" yes
tags n/a map { "managedBy": "Terraform" } no

Outputs

Name Description
cloudfront_url Cloudfront URL
website_url Website URL (HTTPS)