This Terraform module works together with AWS Route53, S3, ACM and CloudFront to create permanent redirect of a domain to a target URL.
Both www and apex A records are created and pointed to a CloudFront distribution. The distribution accepts HTTP and HTTPS connections (free autorenewing ACM certificate is used for HTTPS). The origin for CloudFront distribution is a S3 hosted website with redirect-all rule. This solution is cheap and maintenance free.
Requirements: DNS Zone in Route53
Please review our Contributing docs for the review and release process.
No requirements.
| Name | Version |
|---|---|
| aws | n/a |
| random | n/a |
No modules.
| Name | Type |
|---|---|
| aws_acm_certificate.cert | resource |
| aws_acm_certificate_validation.validation | resource |
| aws_cloudfront_distribution.redirect | resource |
| aws_route53_record.cert_validation | resource |
| aws_route53_record.redirect | resource |
| aws_route53_record.redirect-www | resource |
| aws_s3_bucket.redirect_bucket | resource |
| aws_s3_bucket_acl.redirect_bucket | resource |
| aws_s3_bucket_ownership_controls.redirect_bucket | resource |
| aws_s3_bucket_public_access_block.redirect_bucket | resource |
| aws_s3_bucket_versioning.redirect_bucket | resource |
| aws_s3_bucket_website_configuration.redirect_bucket | resource |
| random_string.hash | resource |
| aws_caller_identity.current | data source |
| aws_region.current | data source |
| aws_route53_zone.zone | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| tags | n/a | map(string) |
n/a | yes |
| zone | Route53 zone name | string |
n/a | yes |
| allow_overwrite | Allow route53 to overwrite the current rule | bool |
false |
no |
| remove_trailing_slash | Remove trailing slash automatically added by S3 to the target URL. Conflicts with target_url. | map(string) |
{} |
no |
| source_subdomain | FQDN of subdomain that we want to redirect from. | string |
"" |
no |
| target_url | URL to redirect to | string |
null |
no |
No outputs.
- Add variable
remove_trailing_slashto allow removing trailing slash automatically added by S3 to the target URL.
- specify minimum SSL protocol as
TLSv1.2_2021
- ignore
web_acl_idin Cloudfront - add github action for formatting terraform and docs
- Move s3 website configuration to it's own resource
aws_s3_bucket_website_configuration. - Block S3 public access and set bucket ACL to
private. - Add tags to
aws_cloudfront_distribution.
- Add
aws_s3_bucket_versioning, and tag s3 buckets per org guidelines.