Skip to content

Commit

Permalink
Merge commit '972a5568d474fd3c8531490872251ad5909c028d' into release
Browse files Browse the repository at this point in the history
  • Loading branch information
github-actions[bot] committed Apr 7, 2022
2 parents c54bd1f + 972a556 commit 7ef3167
Show file tree
Hide file tree
Showing 17 changed files with 69 additions and 34 deletions.
5 changes: 5 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,11 @@

## [Unreleased]

## [0.12.0] - 2022-04-07

- Ensure compatibility with AWS Provider Version 4 ([#286](https://github.com/milliHQ/terraform-aws-next-js/issues/286), [#291](https://github.com/milliHQ/terraform-aws-next-js/pull/291))
- Add switch for attaching additional policy documents ([#276](https://github.com/milliHQ/terraform-aws-next-js/pull/276))

## [0.11.5] - 2022-04-02

- Adds support for route-manifest v4 ([#292](https://github.com/milliHQ/terraform-aws-next-js/pull/292))
Expand Down
7 changes: 4 additions & 3 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
Expand Down Expand Up @@ -199,13 +199,13 @@ You can create a `.terraformignore` in the root of your project and add the foll
| Name | Version |
|------|---------|
| terraform | >= 0.15 |
| aws | >= 3.64.0 |
| aws | >= 4.8 |

## Providers

| Name | Version |
|------|---------|
| aws | >= 3.64.0 |
| aws | >= 4.8 |

## Inputs

Expand All @@ -227,6 +227,7 @@ You can create a `.terraformignore` in the root of your project and add the foll
| deployment\_name | Identifier for the deployment group (only lowercase alphanumeric characters and hyphens are allowed). | `string` | `"tf-next"` | no |
| expire\_static\_assets | Number of days after which static assets from previous deployments should be removed from S3. Set to -1 to disable expiration. | `number` | `30` | no |
| image\_optimization\_lambda\_memory\_size | Amount of memory in MB the worker Lambda Function for image optimization can use. Valid value between 128 MB to 10,240 MB, in 1 MB increments. | `number` | `2048` | no |
| lambda\_attach\_policy\_json | Whether to deploy additional lambda JSON policies. If false, lambda\_policy\_json will not be attached to the lambda function. (Necessary since policy strings are only known after apply when using Terraforms data.aws\_iam\_policy\_document) | `bool` | `false` | no |
| lambda\_attach\_to\_vpc | Set to true if the Lambda functions should be attached to a VPC. Use this setting if VPC resources should be accessed by the Lambda functions. When setting this to true, use vpc\_security\_group\_ids and vpc\_subnet\_ids to specify the VPC networking. Note that attaching to a VPC would introduce a delay on to cold starts | `bool` | `false` | no |
| lambda\_environment\_variables | Map that defines environment variables for the Lambda Functions in Next.js. | `map(string)` | `{}` | no |
| lambda\_memory\_size | Amount of memory in MB a Lambda Function can use at runtime. Valid value between 128 MB to 10,240 MB, in 1 MB increments. | `number` | `1024` | no |
Expand Down
2 changes: 1 addition & 1 deletion examples/complete/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion examples/next-image/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion examples/static/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion examples/with-custom-domain/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion examples/with-existing-cloudfront/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 3.0"
version = "~> 4.0"
}
}
}
Expand Down
4 changes: 2 additions & 2 deletions iam.tf
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ resource "aws_iam_role_policy_attachment" "lambda_vpc" {
####################################

resource "aws_iam_policy" "additional_json" {
count = var.lambda_policy_json != null ? 1 : 0
count = var.lambda_attach_policy_json ? 1 : 0

description = "Managed by Terraform Next.js"
policy = var.lambda_policy_json
Expand All @@ -92,7 +92,7 @@ resource "aws_iam_policy" "additional_json" {
}

resource "aws_iam_role_policy_attachment" "additional_json" {
for_each = var.lambda_policy_json != null ? local.lambdas : {}
for_each = var.lambda_attach_policy_json ? local.lambdas : {}

role = aws_iam_role.lambda[each.key].name
policy_arn = aws_iam_policy.additional_json[0].arn
Expand Down
2 changes: 1 addition & 1 deletion main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -148,7 +148,7 @@ module "next_image" {
count = var.create_image_optimization ? 1 : 0

source = "milliHQ/next-js-image-optimization/aws"
version = "~> 12.0.10"
version = ">= 12.1.0"

cloudfront_create_distribution = false

Expand Down
8 changes: 6 additions & 2 deletions modules/cloudfront-proxy-config/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -10,11 +10,15 @@ locals {

resource "aws_s3_bucket" "proxy_config_store" {
bucket_prefix = "${var.deployment_name}-tfn-config"
acl = "private"
force_destroy = true
tags = merge(var.tags, var.tags_s3_bucket)
}

resource "aws_s3_bucket_acl" "proxy_config_store" {
bucket = aws_s3_bucket.proxy_config_store.id
acl = "private"
}

data "aws_iam_policy_document" "cf_access" {
statement {
actions = ["s3:GetObject"]
Expand All @@ -36,7 +40,7 @@ resource "aws_s3_bucket_policy" "proxy_config_store_origin_access" {
# Upload Proxy Config
#####################

resource "aws_s3_bucket_object" "config_json" {
resource "aws_s3_object" "config_json" {
bucket = aws_s3_bucket.proxy_config_store.id
key = local.proxy_config_key
content = var.proxy_config_json
Expand Down
2 changes: 1 addition & 1 deletion modules/cloudfront-proxy-config/versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 3.0"
version = ">= 4.0"
}
}
}
2 changes: 1 addition & 1 deletion modules/proxy/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ module "proxy_package" {

module "edge_proxy" {
source = "terraform-aws-modules/lambda/aws"
version = "2.4.0"
version = "3.1.0"

lambda_at_edge = true

Expand Down
2 changes: 1 addition & 1 deletion modules/proxy/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

variable "proxy_module_version" {
type = string
default = "0.11.5"
default = "0.12.0"
}

variable "lambda_default_runtime" {
Expand Down
51 changes: 35 additions & 16 deletions modules/statics-deploy/main.tf
Original file line number Diff line number Diff line change
Expand Up @@ -9,17 +9,24 @@ locals {

resource "aws_s3_bucket" "static_upload" {
bucket_prefix = "${var.deployment_name}-tfn-deploy"
acl = "private"
force_destroy = true

# We are using versioning here to ensure that no file gets overridden at upload
versioning {
enabled = true
}

tags = merge(var.tags, var.tags_s3_bucket)
}

resource "aws_s3_bucket_acl" "static_upload" {
bucket = aws_s3_bucket.static_upload.id
acl = "private"
}

# We are using versioning here to ensure that no file gets overridden at upload
resource "aws_s3_bucket_versioning" "static_upload" {
bucket = aws_s3_bucket.static_upload.id
versioning_configuration {
status = "Enabled"
}
}

resource "aws_s3_bucket_notification" "on_create" {
bucket = aws_s3_bucket.static_upload.id

Expand All @@ -35,23 +42,35 @@ resource "aws_s3_bucket_notification" "on_create" {

resource "aws_s3_bucket" "static_deploy" {
bucket_prefix = "${var.deployment_name}-tfn-static"
acl = "private"
force_destroy = true

lifecycle_rule {
id = "Expire static assets"
enabled = var.expire_static_assets >= 0 # -1 disables the cleanup
tags = merge(var.tags, var.tags_s3_bucket)
}

resource "aws_s3_bucket_acl" "static_deploy" {
bucket = aws_s3_bucket.static_deploy.id
acl = "private"
}

resource "aws_s3_bucket_lifecycle_configuration" "static_deploy" {
bucket = aws_s3_bucket.static_deploy.id

tags = {
"tfnextExpire" = "true"
}
rule {
id = "Expire static assets"

expiration {
days = var.expire_static_assets > 0 ? var.expire_static_assets : 0
}
}

tags = merge(var.tags, var.tags_s3_bucket)
filter {
tag {
key = "tfnextExpire"
value = "true"
}
}

status = var.expire_static_assets >= 0 ? "Enabled" : "Disabled" # -1 disables the cleanup
}
}

# CloudFront permissions for the bucket
Expand Down Expand Up @@ -172,7 +191,7 @@ module "lambda_content" {

module "deploy_trigger" {
source = "terraform-aws-modules/lambda/aws"
version = "2.4.0"
version = "3.1.0"

function_name = "${var.deployment_name}_tfn-deploy"
description = "Managed by Terraform Next.js"
Expand Down
2 changes: 1 addition & 1 deletion modules/statics-deploy/variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ variable "static_files_archive" {

variable "deploy_trigger_module_version" {
type = string
default = "0.11.5"
default = "0.12.0"
}

variable "expire_static_assets" {
Expand Down
6 changes: 6 additions & 0 deletions variables.tf
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,12 @@ variable "lambda_policy_json" {
default = null
}

variable "lambda_attach_policy_json" {
description = "Whether to deploy additional lambda JSON policies. If false, lambda_policy_json will not be attached to the lambda function. (Necessary since policy strings are only known after apply when using Terraforms data.aws_iam_policy_document)"
type = bool
default = false
}

variable "lambda_role_permissions_boundary" {
type = string
# https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html
Expand Down
2 changes: 1 addition & 1 deletion versions.tf
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = ">= 3.64.0"
version = ">= 4.8"
configuration_aliases = [aws.global_region]
}
}
Expand Down

0 comments on commit 7ef3167

Please sign in to comment.